By Vijay Krishna
Published : 26 December, 2017 | Last Modified : 25 May, 2021 | Resource
Google Drive is used by millions of organizations worldwide. It is a online cloud based document collaboration and storage service. It is used by consumers and businesses worldwide. It is a very secure service with high availability.
The year 2017 has again showed us that even the best organizations with large IT teams could not protect against data breaches. Examples include :
The list of attacks is quite long and well covered in the media. Let me get straight to the point. Let’s just say that you have the best IT staff with security experts smarter than the world’s best hackers. Also, you have employed the best security hardware and software to protect your organization. Every time you read about an attack on another well–known brand and you still feel fear. Fear is natural, of course.
Google encrypts static drive data and only authorized users can see it when they login to their Google account. However, your Google drive data, including documents and sheets with sensitive information (example financial , customer, sales or intellectual property) can be compromised in various ways including:
1. When a user installs a third party Google drive application (for example a drawing app or a game). This application gain access to the user Google drive contents. Your Google Drive security is now compromised.
2. When a user’s Google G suite account login credentials are compromised and are used by external attackers. Attackers may then encrypt your Google Drive documents and demand a ransom.
3. If a user within your organization accidentally or deliberately shares Google Drive data containing sensitive information.
4. When an authorized employee needs to share (drive files with sensitive data to an external organization (for example your accountant) but has no way to encrypt the Google Drive documents.
5. Successful phishing attacks including spear phishing may cause your users to send sensitive Google Drive documents links to attackers.
Google guarantees safety of your data but will not take responsibility for user error such as the examples listed above. Drive security is a shared responsibility between you as the customer, the customer and Google.
Is there a solution to absolutely making sure a data breach by an insider or outsider does not cause damage? I will give you the solution as it applies to Google G Suite Drive and Team Drive.
The solution consists of 3 parts, each of which can be independently implemented as G suite security checklist items by administrators:
Encrypt Google Drive files – at least the sensitive ones. Even in the worst case scenario, a data breach would result in attackers laying their hands on encrypted drive documents without the keys to open it; which amounts to meaningless data in the hands of attackers. The solution you deploy must encrypt Google drive including:
Backup your data in a different destination from a cloud-to-cloud backup vendor. With a separate backup copy, even if an attacker or insider completely destroys your data, you can restore it back. Backup is the ultimate insurance policy.
Install a firewall app for your organization’ Google drive. This allows users to install white listed safe apps while automatically blocking access to suspicious unauthorized apps.
That’s it! Your Google Drive Security is assured. Encrypting your sensitive data protects you from insider accidental shares and external threats. Backup gives you an encrypted second copy of your data stored safely by backup vendor. Apps firewall ring fences your drive. This 1 – 2 – 3 punch is a great strategy heading into the holidays with a relaxed mind. SysCloud is a one stop solution for anyone looking to implement all 3 parts with ease with a single application.