Google Drive is easy to use – but is it TOO easy?
July 25, 2017 | Deepak Balakrishna
The era of cloud collaboration – indeed, cloud – everything – is truly upon us. The use of cloud collaboration software has exploded. By one estimate, the use of Enterprise File Sync and Share (EFSS) – like Google Drive, Box, Dropbox, etc – grew a remarkable 72% in one year.
Specifically, the Google Apps collaboration suite has proven to be very popular among small and mid-sized companies.
That makes complete sense because when working with cloud applications, there is no need to worry about hosting applications, capital expenditures, updates, etc. That simplicity and affordability is a big draw especially for SMEs.
Google Drive is easy to use. It is very easy to share what you are working on with contractors, consultants, external parties, your spouse, etc.
Maybe a little TOO easy – and therein lies the problem.
For example, do you know all the people outside of your company you have shared documents with? Are you sure you have revoked access to that contractor who worked with you a few months ago?
Problems with access management on Google Drive
A couple of months ago, we had a consultant work with us temporarily – let’s call him John.
When John left the team, we wanted to remove access to everything we had given John access to.
You’d think this is straightforward? Search for a name/email and ‘remove all access’?
Not! There is just no easy way to do this in Google Drive!
You have to go to each and every file and remove access at the file level. Painful!
To see who can access a file or folder, that can be done easily enough. Bring up Google Drive (as an admin), go to the file or folder, and you can see who has access to the relevant file / folder – as seen in the image below.
But if you want to see ALL the files that are owned by John? Not easy.
Here are some of the other questions you cannot answer easily, quickly or in some cases , at all, with Google Drive:
- Show me all users outside of the company who have access to company documents?
- Show me all documents that are shared widely WITHIN the company?
- Show me all documents that are shared OUTSIDE of the company?
- Google makes it easy to create links and share with people. But who has been using these links?
- These are all standard document access management questions.
As companies move to Google Drive and other such EFSS solutions, they have the same set of needs they did when the data was housed on their on-premises file servers.
This becomes even more important as security breaches have been in the news lately and protecting the data so as not to expose it too widely is paramount.
In short, having too many access points into your Google Drive opens up too many paths for malicious activity.
Sharing links widely, forgetting to revoke access, not sure who has access to what, etc can lead to documents stolen by malicious actors using compromised credentials of users you had even forgotten ever had access!
In addition, most companies have a hybrid environment – some data is on premises and some is in the cloud. In this environment, enterprises would like common controls and policies no matter where the data resides.
They would like to see what data John has access to – both on-premises and in the cloud. Additionally, they would like to know exactly all access by John for all data – both on-premises and in the cloud.
While Google Drive does not make it easy to detect all of this, Adya does!
As data spreads to the cloud – especially to Google Drive which has proven especially popular with SMEs – a well thought out access management and data visibility plan is needed.
A single set of rules and a single pane of glass should be possible to manage and view data everywhere. Otherwise the risk of data theft and data ‘invisibility’ puts the company at risk.