On July 21, Google rolled out new features for Google Workspace. In this article, we’ll analyze what this update means for Google Workspace administrators. We’ll have a stronger focus on management and security controls, including data sharing, security policies, and detector rules.
Table of Contents
What Are the Google Workspace New Features?
The first thing we would like you to pay attention to is the new capabilities of data sharing restriction.
Limiting data sharing helps to protect sensitive information from unauthorized access. Configuring the sharing options will help you to determine how your files are shared within your organization and outside of it.
So, what can you do with the Google Drive files within your Google Workspace (G Suite) environment? You can restrict all sharing; restrict all sharing except for some whitelisted domains; or restrict externally shared files from being shared by external users.
As for shared drives, you can prevent people outside the organization from accessing files in a shared drive; prevent non-members of shared drives inside the org from accessing; or prevent commenters and viewers from downloading, copying, and printing files in the shared drive.
Creating security policies for Google Drive data has updated as well.
Google provides templates that help you to protect your users’ confidential information. You have a choice of templates to customize the data protection according to your needs. For example, you can configure health data sharing prevention which comes in handy in meeting HIPAA requirements.
Security rules have a heavy focus on PII and keyword identification. Once rules detect security incidents like unauthorized data sharing, the system will take appropriate action. Actions include the sharing block, disabling the export of protected data, and notifying the admin.
Another important thing is the Detector rules update.
You can check the content of your emails to detect specific expressions and words. If an email that contains such expressions and words is detected, the system will immediately send a notification through the Alert Center in the Admin console.
What SpinOne Does and Google Does Not
How are SpinOne’s Google Workspace (G Suite) domain audit capabilities different from Google’s? Basically, Spin has additional security features that help you to manage and protect your Google Workspace environment.
Here’s how SpinOne’s functionality is different:
- Spin has a comprehensive list of all externally shared and internally shared files available in “Data Audit,” with a full list of who can access this data.
- With SpinOne for Google Workspace (G Suite), you can cancel sharing permissions and take ownership of files both automatically (by Security Policy) or manually within a couple of clicks.
- In Google Workspace, administrators can create conditions/detectors by file name. Using SpinOne allows you to create detectors by name, by target domain, and by non-owner file sharing—for certain domains or for all domains.
- SpinOne allows advanced customization of actions that can be taken after a condition (set up in your policy) is met. For example, notifying the file’s owner.
- SpinOne has a security policy for detecting abnormal downloads or file transfers (detecting large numbers of files in a time frame: 15, 30, 45, 60 min).
- Spin detects and shows all Gmail emails, which contain CCN in the message’s body. All data is available in “Data Audit” with the preview feature. With this, you can track if someone shared CCN’s within your organization or outside.
