Google Workspace (formerly known as G Suite) is a great productivity suite for businesses who work online a lot and value collaboration. It has 15 productivity, security, collaboration, and communication apps that can all be accessed with one Google login. It comes with familiar apps like Gmail, Google Drive, Google Calendar, and Google Meet, being a useful tool for all kinds of organizations.

Users can, for example:

  • Share and collaborate on files in real-time
  • Join or replay online video calls
  • Schedule emails or meetings

Admins can, for example:

  • Add, edit, or delete users
  • Install, configure, or remove extensions
  • Alert, automate, and audit apps

Organizations can, for example:

  • Choose a geographic location for their data
  • Check and remediate security issues
  • Use DLP to prevent data leakages
Screenshot 2021-08-24 at 10.08.03.png

The possibilities in Google Workspace are numerous. Yet, we often experience businesses overlook one of its true advantages - namely, document collaboration.

It helps us:

  • Work more closely with customers, colleagues, or partners
  • Share meaningful information and get feedback in real-time
  • Cut out unnecessary emails, as the documents are always updated
  • Minimize errors as everyone works on the same document
  • Prepare better and make meetings more effective
  • Accelerate team creativity and productivity

… and much more!

Did you know…

PwC employees have been able to cancel 2-5 hours of status meetings per week by collaboratively solving problems ahead of time in Google Docs?

Despite the advantages, many businesses still fear that document collaboration will quickly get out of control, be impossible to audit and administrate, and serve as a gateway for data leakages. For some, it might even be a matter of lack of employee trust. As a result, businesses simply disable external document collaboration. However, this brings out a much greater danger.

The risk of blocking external collaboration

One word - circumvention.

Would you rather allow file sharing and define the environment for how it’s done, or disable file sharing altogether and let people bypass it through email attachments, Dropbox, WeTransfer, and so on?

The harsh reality is that people will always find one way or another to circumvent tedious processes - and that could be dangerous!

Imagine the following scenarios:

  1. A customer has requested to get the latest reports containing sensitive data, but since you are unable to share the file, you decide to email it as an attachment. It works. You suddenly realize that you’ve sent it to the wrong recipient, and without even realizing it, you’ve committed a data breach. The email cannot be revoked, and you don’t know how many people have access to the customer’s sensitive data.
  2. As the HR recruiter, you just found the perfect candidate for the job position. You decide to send over the employment contract prefilled with the employee’s name, social security, salary, address, and more, but realize that the file size is too large. As a result, you decide to opt for a file transferring service such as WeTransfer. It works. Little did you know that this solution wasn’t approved by the IT department as a Data Processing Agreement hasn’t been established. Without even realizing it, you’ve committed a data breach of PII (Personally Identifiable Information).
  3. Your marketing team wants to create a new campaign with the help of external consultants. They ask you to share all marketing material and plans with them, but you realize that there are too many files to be transferred. As a result, you decide to upload all files to your Dropbox account and create a sharable link. It works. The consultants can now access all files. However, you have no idea who is accessing what, and whether the files get modified or even accessed by unauthorized parties. Your company data is now publicly exposed.

The solution

People will always find a way to bypass restrictions and while we may not know which method(s) are employed, we do know that our data will always be at risk. In order to avoid and prevent that, organizations need to create a safer collaborative environment in Google Workspace through some technical configurations made by sysadmins and by educating the end-users.

The Tricent Compliance Tool is a web app that makes it simpler for everyone in the organisation to audit and clean up their shared files. It lets users collaborate externally, sysadmins to control the file sharing activities and organisations to comply with data protection policies.