Google has just announced another step forward in its security offerings, allowing external users to securely collaborate on files in Google Drive with client-side encryption. Now, people outside of your organization can access your encrypted Google Docs, Sheets, and Slides that you want to share with them with a simple pincode. This is much more secure than emailing the files back and forth, which is what most people have been doing up until now. 

 

Why use client-side encryption?

If you are in a profession where you are routinely sharing or using personal information such as healthcare or financial services, client-side encryption is recommended. It adds an extra layer of security so that your data isn’t decipherable by Google or third parties without information that only you can provide. Anyone you share information with has to have an access code you provide. This measure, coupled with multi-factor authentication on your company’s Google accounts, makes your organization less vulnerable to cyberattacks. 

client side encryption gmail - UpCurve Cloud

Google has a guide for enabling and using it in your organization. Prior to the recent announcement, client-side encryption was available for Google Workspace customers for Gmail and Google Calendar. Expanding collaboration on Google Drive files further protects the integrity of your organization’s data while allowing it to be shared and collaborated on easily by people outside your organization. 

 

How to set up an external user to share encrypted files

If you want an external user to collaborate on your files, you can set up a guest identity provider to authenticate external users in the Google Admin console - a full step-by-step guide is available here. You can also indicate if guests can use pre-authenticated identity providers such as Google, Apple or Microsoft. Once this initial step is completed and your guest user’s identity provider is configured, you will be able to share files with pincodes

The only change from regular collaboration in Google Workspace is that your collaborating user will be emailed a pincode separately from the usual Google Drive link to the file, which they will have to enter to access the file. 

 

Why not just continue with emailing files? 

Up until now, you were probably emailing the files to collaborate on them. Collaborating on files via email does not allow you to view a complete revision history or store accurate access logs. It also opens up the possibility of more errors, such as needing to work on the most current copy of the file. Collaboration on “live” files removes these potential issues and is more secure. 

 

Regular collaboration with external users

Suppose you do not routinely work with or share sensitive information such as medical records or financial data. In that case, you don’t need client-side encryption for external users to access your files. However, you may still want to collaborate with people outside of your organization such as vendors or clients. 

Google beefed up its regular collaboration offerings in 2023 by allowing files to be shared with any users external to the organization, even ones without a Google account. Google calls this functionality “visitor sharing” and has a full guide for it here.

Visitor sharing does need to be turned on at the admin level in order to work properly, as it is off by default to those without Google accounts. Instructions for doing this are at the guide linked above. This only applies to organizations that are not using client-side encryption. 

 

 

If you would like to further protect your healthcare or financial services organization, you should be using client-side encryption. UpCurve Cloud can help to set it up and coach you on how to use it properly to lock down your sensitive data. Contact us today to find out how! 

 


Contact Us to Learn More about Transforming Your Business