<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">

How Secure Is Google Drive?

Mark Underwood| December 14 2016

| security

how-secure-is-google-driveExfiltration is a decidedly unpleasant word, and it's rarely connected with Google's benign application suite used freely by millions all over the world — Google Apps. Specifically, how secure is Google Drive? Google Drive, a potentially massive repository of intellectual property, personal information — even photos and movies — features a user-friendly browser interface.

Google Apps for Work has been rebranded G Suite, but the security and sharing mechanisms in place are the same. Once a document has been uploaded to a Google server farm, users can click on a G Suite document and turn on link sharing. Within a couple of clicks, the document will have been rendered public (albeit not necessarily discoverable — no SEO secret sauce applies). Unless provided this link by the user, it would take some additional malware or forensics sleuth to discover this document, but users have a way of involuntarily making things easier for access.

Related Article: Is it File Sharing or Oversharing? 

These now-public links can be shared through less secure platforms, such as Facebook, Twitter or email. Users may also have forgotten that an entire folder containing the new document was previously shared.

More Ways to Share

There are other ways to exchange information with Google Drive. Through a Google public API, third parties can develop ftp-like tools that enable the exchange of thousands of files through a convenient user interface.

Developers with average skills can develop applications that access G Suite documents. The problem isn't lax security in Google software. Google implements best practices and has above-average intrusion detection methods. Instead, by leveraging exogenous security lapses, bad actors can leverage the public API to exfiltrate documents or spreadsheets they have discovered.

Too Easy to Share?

When a user decides to share a Google document, form or spreadsheet, Google wants the user to share. Sharing means the document is available to another potential user, whose data can be collected for data mining. This is a fundamental feature of the public cloud company business model. It's true not only for Google but for Facebook, Twitter, Dropbox, Box and Microsoft's Azure and MSN enterprises.

A Safer Way

Instead of asking "How secure is Google Drive?", consider asking how the movement of data in the enterprise is monitored and managed. Ipswitch and other providers recognized the potential risk and have developed tools that monitor and manage file transfers.

Sometimes referred to as enterprise file synchronization and sharing (EFSS), managed file transfer is a stronger contender for a safer way for coworkers to transfer files. This is true for any desktop-to-collaboration activity, not only for G Suite transfers.

Rather than relying on potentially expensive, cycle-stealing data loss prevention (DLP) tooling, provision enterprise users with tools that allow for collaboration while reducing the risk.

 

Related Articles

What is at Stake When Moving Files Today?

Dropbox Drops the Ball Along with Public Folders

The Basics of File Transfer Encryption

Topics: security

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Mark Underwood

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.