Google Backup and Sync, along with Google Drive File Stream are the newest Google Apps that simplify the process of synchronizing files from computer to Google cloud. They quickly stream files from the hard drive and save time and storage for enterprise users. However, few people know that Drive File Stream comes with sufficient security risks to the most important teams’ files – Team Drives.
How Team Drives Can Be Hit by Ransomware
While Google Backup and Sync is an application for personal usage, it works pretty similar to Google Drive app. Local folders, and even the entire computer may be set up for synchronization, but this has nothing to do with Team Drives. Drive File Stream, in contrast, focuses on using machine learning algorithms to predict the files and folders a user is expected to open. It uploads the majority of files directly from the cloud, so that the data does not take extra storage from the computer. Additionally, it makes Team Drives accessible using standard desktop tools.
However, as learned from the Early Adopters Program, Drive File Stream is reflected in the operating system as a regular system disk. Instead of storing whole files on a computer, only the files’ pointers are located in Drive File Stream.
A test conducted in our cyber security laboratory showed that this way of storing files allows you to save on hard drive space, but in case of a hacker attack, the system perceives the pointers as full files. With reflection to a Team Drives folder that was added to Drive File Stream, it means that Team Drives may be hit by ransomware as well.
In our previous posts we have provided detailed descriptions about the way Google Drive becomes encrypted by ransomware after synchronization takes place. The bottomline is that when ransomware hits a local computer, files in all folders are encrypted, including the ones in Google Drive, Google Backup and Sync, and Drive File Stream folders. Google perceives the encryption process as a normal way of editing files and promptly synchronizes items’ modifications to the cloud replacing normal documents with their encoded versions! There is no “history”, “backup” or any other function that would help turn back time and copy or restore the document to a state before encryption. Simply put, you will not be able to restore the file to its normal condition!
This is how ransomware encrypts Google Drive through Google Drive and the Google Backup & Sync app. This is exactly how it’s going to target Team Drives through Drive File Stream. Along all the good and easy, Drive File Stream makes Team Drives vulnerable to ransomware. You need only one employee in your company to install Drive File Stream, and all Team Drives’ files may become infected.
Backup Google Team Drive and Enable Automatic Ransomware Protection
Every G Suite admin knows that the only way to get the file back to it’s previous condition (before the attack occurred) is to restore it from a 3rd-party cloud storage where they have the data backed up. In this case, Team Drives backup becomes an obligatory tool for the cyber security system, especially by the time Drive File Stream becomes available. Backups guarantee you will be able to recover lost data, but they don’t guarantee that you will do it quickly, as the G Suite admin has to first find out about the infection, evaluate the damaged files, find each of them in the backup snapshot, and run the recovery process.
We are living in a world of automated technologies and machine learning algorithms. People prefer transitioning monotonous job to machines, so that work can be done quicker, and more efficiently, with no human factor involved. This is why Spinbackup introduced ML when it comes to fighting ransomware. Team Drives backup and Automatic Ransomware protection become a perfect combo for profound cyber security policy in the world of teams’ documents and ransomware attacks. It is a 2-layer protection system that allows you to:
- Keep your Team Drives backed up daily, automatically and securely.
- Use the Restore-in-Time machine, which allows you to access any version of the documents.
- Be alerted about a Ransomware Attack a few moments after it starts spreading to your corporate network.
- Limit your damages to a minimum number of files thanks to an automated block of the source of Ransomware.
- Have all encrypted files restored automatically, quickly, with no human effort involved.
- Always have an option to restore all or some of the damaged files manually, having a list of damaged items in front of you instead of searching for every file separately or restoring more files than were damaged.
Watch the video and see how Spinbackup automated ransomware protection really works. The only way to restore a reliable version of an encrypted Team Drive is to back it up. The only way to spend no time doing this manually is to have it done automatically.
1,639 total views, 46 views today