How to Find and Fix Risky Sharing in Google Drive


Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn’t anyone’s fault; it’s inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.

For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.

Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched Data Protection for Google Drive to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit.

Trying to answer fundamental questions about what’s in Google Drive and where it’s shared is painstakingly manual using the Workspace admin dashboard, and working with the Drive API is costly and complex. Given the breadth of sensitive content, this is an area that warrants focus, but it’s challenging to get to the depth required.

Material is backed by a powerful data platform that syncs with your Google Workspace tenant to build out a structured model of historical file contents, metadata, permissions, and sharing settings that is kept up-to-date based on ongoing activity. This data platform enables in-depth inspection that wouldn’t be possible by interfacing with the Drive API alone. With this data platform as the foundation, Material:

The precision of Material allows you to effectively wrangle such a complex and vast data repository without getting in the way of daily use – security without impacting productivity. See it for yourself.

With a powerful data platform as the foundation, you gain an expressive search interface that guides you through your Google Drive footprint to identify toxic combinations worthy of investigation. You can search against file metadata, ownership, content, location, and sharing to answer questions such as:

As you illuminate more of those dangerous blind spots, you continuously gain a more complete view of the environment with heightened security posture – the types of things that make it easier to sleep at night.

The primary remediation mode to fix toxic combinations in Google Drive is to revoke access. That sounds easy on the surface, but when you consider the conditions of the whole space, it becomes a multi-dimensional puzzle. When is external sharing valid and when is it not? Are there users that belong to groups that they shouldn’t? Which settings should change when a document is modified to add confidential information?

Precise search and activity-based filtering enables remediation workflows for scenarios such as:

Applying automation generally can get in the way of day-to-day use, so it’s important to build with precision – a better understanding of the nature of content, which domains are trusted, and common user behaviors help you contain the surface area the right way.

At Material, we focus our efforts on the productivity suite because we believe that it’s critical infrastructure to any organization. And as critical infrastructure, in-depth security defenses that can effectively stop attacks and reduce risk across the environment are paramount.

The new capabilities with Data Protection for Google Drive solve hard data discovery, governance, and access problems that have traditionally been challenging to do without dedicated tooling.

Want to see it for yourself? Schedule a personal demo with our team today.


Please enter your comment!
Please enter your name here