Sometimes data breaches are the work of sophisticated hackers using dark web tools and a network of cybercriminals to extract and steal company data. And sometimes, they happen because someone left a file lying around.

Failing to secure your Google Drive is like leaving your front door unlocked and wide open. Anyone can wander in, take what they want, and disappear before you’ve even noticed something’s wrong. 

With the intensity and frequency of cyberattacks increasing - from December 2022 to February 2023, there were 12 attacks per minute - businesses must be alert to their level of risk, working to reduce their exposure and lock down their cloud-based tools.

Tips to Secure Google Drive

1) Don’t link to your Drive

Your company website is your storefront, so lock your front door. Don’t share links to your organization’s Google Drive on your site or any public-facing platform, as this gives hackers direct access to all your company data. Ensure every employee knows this essential bit of cyber hygiene so there’s no chance of accidental leaks.

2) Turn on 2FA

You should be training your employees on password protection and using 2-factor authentication (2FA) - where a second identifier is asked for along with the password, such as a code sent to an email address or phone number. Using 2FA across your Drive will help prevent phishing attacks and unauthorized access.

Workspace users can turn on 2FA by navigating to their account security settings. This interface also shows you which third-party apps can access your Drive, security recommendations, and recent security activity. Getting your employees familiar with these tools is a good idea so they can manage their own individual risks more effectively.

3) Get admin alerts

Google can toggle on notifications so your Workspace admins are alerted the minute files are shared with users outside your organization. Known as a Data Loss Prevention (DLP) alert, this feature is accessible from the Alert Center and gives admins information on who the Drive file was shared with, when it was shared, the document title, and whether it was modified.

4) Tweak your sharing settings

Admins have full control over what is shared in Google Drive, restricting sharing across the organization or granting access to certain accounts. They can also customize sharing settings - allowing users to only share specific folders, setting up sharing for a specific group, or allowing sharing only with specific domains. 

To adjust your settings: 

  1. Navigate to the Admin console.
  2. Go to Menu, click through Apps to Google Workspace, then Drive and Docs
  3. Click Sharing settings and Sharing options to control what content is shared and where

5) Set up Google Endpoint Management

If your organization employs remote or hybrid workers, they’re likely accessing your Google Drive from a variety of locations and devices. While that offers your team the flexibility they need, it’s also a potential security nightmare.

Get peace of mind that your Drive is defended at every entry point with Google endpoint management. Available in a variety of packages, ranging from basic mobile security to advanced app management, this leverages Google’s vast security expertise to ensure data is protected across mobiles, desktops, laptops and any other device from which staff are logging into the office.

UpCurve Cloud’s experienced team of Google-certified engineers, technicians, and trainers have helped hundreds of companies strengthen their cybersecurity defences to better protect their Google Drive and other digital assets. We can help you make the most of Google’s security tools and features - training your staff in their use and making a plan to minimize your organization’s exposure long term. Contact our security experts today to get started.


Contact Us to Learn More about Transforming Your Business