How can I see who has access to my Google Drive?

In today’s ever-connected digital world, platforms like Google Drive are essential for secure and private storage, data sharing, and collaboration. The Covid-19 pandemic and the subsequent increase in remote work led Google Workspace to reach 3 billion users in 2021. Despite its many advantages, Google Drive is not immune to data leaks. As we mentioned in our article “Comprehensive Guide to Preventing and Addressing Google Drive Data Leaks” your Google Drive files and folders are private by default but can be shared with anyone on the Internet. For example, you can share Google Drive files and folders with specific people, Google Groups or even make them public so that anyone on the Internet can access them. Google Workspace users can also share files and folders within their entire organization without providing access to those externally to their Google Workspace domain.

Within Google Drive, Google Workspace users can assign a specific level of access when sharing files and folders with others. You can set the access permissions to either view (read-only), comment or edit (read & write). For example, you may need to send a document or large file, you can upload the file to Google Drive and share it in view mode with the recipient. However, after sharing a file most users never go back and remove the external access. This creates the issue of the oversharing of Google Drive data.

Examples of oversharing within Google Drive.

It is very common to see users sharing and collaborating within Google Drive, after all, that’s the main reason why organisations choose Google Drive and Google Workspace for their business productivity suite. However, not many organisations consider the risk of oversharing within Google Drive. Within Google Workspace and Google Drive, you can collaborate with external organisations, such as a contractor, but what happens after you’re no longer working with that contractor or organisation? Typically, they still have access to the files you previously shared with them. Most employees want to do the right thing, but reviewing and unsharing outdated files is time-consuming. That’s why we created Patronum, to solve the challenge of external oversharing and help create good data governance.

Who has access to my organisation’s Google Drive data?

Within Patronum you can see exactly who has access to your Google Workspace user’s files and folders. The YouTube video below demonstrates the Google Drive Management and Compliance features within Patronum allowing you to see “Who has access to your Google Drive“, and all your organisation’s data regardless of where in Google Drive it’s being stored. Patronum searches all user’s My Drive and Google Shared Drives for files and folders.

With Patronum you can home in on specific users, such as those with a gmail.com account, or everyone from an external organisation. With a few clicks, you can secure your Google Drive environment preventing unwanted users from accessing potentially confidential information or intellectual property.

Manage your external collaboration

Now that you know who has access to your files and folders, you can start to take action. With Patronum you remove all external access, for specific users, or even change their access.

Once you’ve secured your Google Workspace Drive system by removing unwanted and stale access, you need to maintain that good data governance. This may feel like a daunting task, but good data governance with Patronum doesn’t have to be. Here are a few things you can do today that will help you remain secure.

• Education – Make sure everyone within your organisation knows the importance of data management and data protection. Make sure they are correctly trained on how to correctly use Google Drive, and what they should and should not be sharing.
• Least Privilege – Follow the principle of least privilege when it comes to data access.
• Incident Response – Make sure everyone knows what to do when data is shared incorrectly, and have a plan for any data leaks or breaches.

If you want to learn more about how Patronum can help you with regards to data governance simply get in touch.