Introduction to Google Drive Security and Smart Sharing

Introduction to Google Drive Security and Smart Sharing Practices GW

Google Drive Security Features by Default • Storage in the Cloud – If your computer crashes or your hard drive fails, your document will still exist in Google Drive • Network Transport Protection (HTTPS) – Communications between Google Drive and your computer are encrypted to prevent people from eavesdropping on your documents as you edit or read them • Google Authentication & Authorization – Google provides insight how to specify a good password for your account and prevents unauthorized access to your documents • Google Drive Files are Private by Default – Only your account has access to the file when you create a new file in Google Drive • Change Tracking (Google Docs Only) – Google drive automatically tracks changes to the document, allowing you to revert back to previous versions if an unwanted change is implemented GW

Risks to Consider When Using Google Drive • Sharing a file with an unintended party • Setting insecure permissions/sharing context (visibility) to a shared document • An unauthorized party accessing your Google Drive • Uploading a document that is inappropriate for Google Drive • A document you shared with another party is re-shared by that party to an unintended party • If Google or GW SSO experiences an outage, you may not be able to access your files until service is restored GW

Why are Sites like e. Room and Share. Point sometimes Safer? • Google Drive is accessible via the Internet • Sites like e. Room and Share. Point are often only accessible on the organization’s intranet • Therefore, for e. Room/Share. Point, the attacker has to compromise your Net. ID and get a GWU intranet address to access the application (Usually via taking over a laptop/desktop with malware) • With Google Drive, all they need to do is compromise your Google account and can access it from anywhere; there is no need to compromise a machine GW

Google Drive: Private Files and Folders • Private File – Default Google Drive file permission when uploading or creating new documents – Only the owner can access the document • Private Folder – Folders are private by default – Folders can store multiple files and sub-folders – A private folder can contain both private and shared files and sub-folders GW

Google Drive: Shared Files and Folders • • Shared File – When enabling sharing, by default, the document is shared privately; the owner must manually additional users unless the visibility option is changed – By default, users who are added as editors of the document can additional people and change permissions of the document, including the document visibility Shared Folder – When enabling sharing, by default, folders are shared privately; the owner must manually additional users unless the visibility option is changed – Files/folders within the shared folder inherit permissions of the shared parent folder – New files and folders added to or created within the shared folder inherit the shared permissions. – Individual file and sub-folder permissions within the shared folder can be later customized manually after being added to the shared folder GW

Google Drive Sharing Settings: Visibility Options • • • Google Drive Visibility Options: | Private | Anyone with the link | Public on the web GW Google Drive Visibility Options: | Private | People at GWU with the link | Anyone at GWU By default, files are shared privately on Google Drive | | GW

Google Drive Shared File User Roles/Access Levels • Owner – Full Control • Editor – – Edit document Add/Remove users by default Cannot delete document Can download or make a copy • Commenter – Read only with the ability to comment – Can download or make a copy • Viewer – Read only – Can download or make a copy GW

How much authority do your editors have? • By default, editors of the document can change visibility settings and add/remove users • This setting can result in the file easily being shared in ways the owner did not intend • It is suggested to restrict the sharing settings so that only the owner can change permissions GW

Do You Trust Your Sharers? • Like other sharing services, Google Drive can assist in protecting a shared document • However, you must trust the people you share the document with • Even with advanced sharing restrictions, the people who have access to the document may make copies or share the document in ways you did not intend without you knowing about it Owner Editor Viewer - Makes Copy Commenter Editor of Copy GW

Data That Should Not be Stored in Google Drive • Policy drives the controls and regulations put in place to protect certain types of data • GW Data Classification Policy: http: //my. gwu. edu/files/policies/Data. Classification. Policy. pdf • Data classified as “Confidential” should not be stored in Google Drive • Examples of Confidential Data include: – Student records and other non-public student data – Credit Card Data – Usernames/passwords – Personnel and payroll information – Health and Patient Information – Data subject to Government regulation – Social Security Numbers X GW

Recommended Sharing Settings for Most Cases • Share privately and explicitly ONLY add essential users as needed (Google Drive default setting) • Set the sharing settings so that only the owner can change permissions (Requires the user to manually adjust this setting after creation) • Do not store data classified as “confidential” on Google Drive GW

Additional Google Drive Best Practices • Utilize a strong password for your Google account (Password managers such as keepass (http: //keepass. info/) are great for this) • Log out of your Google account when you are finished • Beware of using Google Drive on a shared or public computer • Use caution when using Intellectual Property with Google Drive. Google states you retain ownership of these documents, but you may want to read the following: – https: //www. google. com/intl/en/policies/terms/ – https: //www. google. com/policies/privacy/ GW

References and Additional Information Google: Choosing a smart password https: //support. google. com/accounts/answer/32040? hl=en Google Drive Sharing settings overview https: //support. google. com/drive/answer/2494886? p=visibility_options&rd=1 Keepass http: //keepass. info/ Security in Google Drive https: //support. google. com/drive/answer/141702? hl=en What do Google’s Terms of Service mean for the files I upload to Google Drive? https: //support. google. com/drive/answer/2733115? hl=en&ref_topic=2428743 GW