Addressing Collaboration Tool Security Head On with Google Workspace

“Shoot me a G-Chat.” “Let’s hop on Meet.” “I’ll send you the details in Gmail.” Collaboration tools for task management, calendar sharing, file sharing, instant messaging, and video conferencing make our work days possible — so much so that the terms have become a part of our everyday lexicon.

According to Gartner, nearly 80% of workers reported using collaboration tools for work in 2021, a marked increase since 2019 when 44% fewer people reported the same. In today’s hybrid working environment, collaboration tools are essential to working together with team members logging in from a wide range of locations. The only kink companies have had to work out to reap the benefits of these tools is how to secure them to avoid risks to enterprise security, including potential issues in human resources, data leakage, and intellectual property exposure. 

Aside from identifying security weaknesses as a starting point, many companies are developing tools to secure companies from potential security breaches arising from these collaboration and communications networks. Google Workspace (which includes collaboration tools such as Gmail, Calendar, Meet, Chat, Drive, Docs, Sheets, Slides, Forms, Sites, and more) has emerged as a leader in the development of such tools. 

Google Workspace Develops New Tools to Enhance Collaboration Security

To solve security concerns, many organizations look to third-party security solutions to aid in their efforts to root out threats. Many collaboration platform companies also make security easier by offering security checks and balances within their tools. Let’s explore one of the most prominent examples: Google Workspace.

Of all the available tools, Google Workspace is one of the leaders in enterprise collaboration security. According to Google support pages, their business is built on customer trust — both in their ability to properly secure customer data and their commitment to respect the privacy of the information placed in their systems. As part of this trust and responsibility, Google continues to update its existing processes and develop new tools to ensure customer security. In light of the increasing use of enterprise social collaboration tools, Google has developed several new applications that are putting workers’ and managers’ minds at ease when it comes to security.

1. Data Loss Prevention Tool  

Using Google Workspace’s data loss prevention (DLP) tool, clients can create and apply rules to control the content their employees and other users can share in files outside the organization. Based on these rules, DLP scans files for sensitive content and prevents users from sharing that content. The rules put in place can help determine the character of the DLP incident and trigger an action to assist. The tool can:

• Audit the usage of sensitive content in Google Drive that your users may have already shared to gather information on sensitive files uploaded by users.
• Directly warn end users not to share sensitive content outside of the domain.
• Prevent sharing of sensitive data (such as a Social Security Number) with external users
• Alert administrators or others about policy violations or DLP incidents.
• Investigate details of an incident with information on the policy violation.

Essentially, DLP enables organizations to select what users can share, and prevents unintended exposure of sensitive information such as credit card numbers or identity numbers.

2. Phishing and Malware Protection for Google Drive

In January 2022, Google rolled out additional protections for Workspace users of Google Drive to safeguard against abusive content. The protections alert users who open a potentially suspicious or dangerous file in Google Drive to help protect them and their organization from malware, phishing, and ransomware. The warnings appear as a yellow banner at the top of the page after a user has clicked on a link, but before the file is downloaded. These warnings are already available when opening Google Docs, Sheets, Slides, and Drawings. 

3. Advanced Google Drive Sharing Permissions

Google Workspace has established various permission tiers within Google Shared Drive that allow companies to better monitor and control how content can be shared and by whom.
Each tier comes with a different set of permissions or abilities and every Google Shared Drive user should be assigned permissions appropriate to their needs and level of responsibility. To make this easier, Google has used job titles for naming the tiers. When your administrator is setting up this structure, it’s crucial to ensure employees are given the proper permission levels to enable them to collaborate effectively, while still maintaining security levels. The five tiers are: 

• Managers: This is essentially the shared drive administrator and the highest permission level that is often held by an IT person or system administrator. The manager can perform all of the drive functions, such as creating new folders or files and editing, moving, or deleting files. While other permission levels may also have many of these abilities, the main difference between managers and the other tiers is their ability to remove or add users to folders and to move files between shared drives. They also have the ability to delete the shared drive.
• Content Managers: Those at this permission level can do most of the essential tasks within the shared drive, such as view, edit, or comment on files, upload files, add people to files, and accept or reject comments or suggestions by other users. However, this tier cannot permanently delete files or folders placed in the drive’s trash can, add or remove people from the drive or folders, or move files or folders from one shared drive to another shared drive or their personal drive.
• Contributors: This level, also referred to as “Editor,” is designed for users who need the ability to create, edit and share files and provides many of the same permissions as content managers. While this includes the ability to add people to specific files, similar to content managers they cannot add or remove people from folders or the drive. But unlike content managers, they are restricted from moving files or folders at all, including within the drive itself.
• Commenters: Commenters are just that: users who can see and comment on files within the shared drive but who cannot make changes. This level might be appropriate for seeking feedback from persons interested in the content but are not expected to participate in direct editing, such as executives.
• Viewers: This tier is for those who need access to files but don’t require the ability to manipulate them in any way. Consequently, viewers cannot edit, update, share, or add files. This tier has the least permissions of all and is designed for people who want to look up documents and other information on the shared drive but have no interest in changing them.

As IT managers seek to ensure security for teams working in distributed environments, Google Workspace and the tools mentioned above act as a fail-safe method for ensuring that teams’ work is secured and that teams have what they need to ensure the safe transfer of information. 

For more information on ensuring security when using collaboration tools, download our white paper “How to Address Enterprise Collaboration Security Concerns” for an in-depth look at everything you need to know about upping your security game and defending your organization’s files.