Blog
August 28, 2024

5 Key Takeaways from Our Latest Webinar on the Risks of Google Drive

Here are five key takeaways from the webinar that shed light on the importance of balancing productivity and security when using Google Drive

Download
Download

In our most recent webinar, Metomic CEO Rich Vibert was joined by Oyster's Director, Sr. Managing Counsel, Trust & Technology, Jeffrey May, and Payfit Espana's Vice President IT & Security, James Moos delved into the complexities of data security within Google Drive, discussing the benefits and risks of using this popular SaaS tool.

Here are five key takeaways from the webinar that shed light on the importance of balancing productivity and security when using Google Drive:

1. The Dual-Edged Sword of SaaS Tools

Rich Vibert kicked off the discussion by highlighting the exponential growth in SaaS applications. He noted, "From 2020, there were about 80 SaaS applications per organisation. By 2023, that number has risen to about 130 and continues to increase." This surge is driven by the need for streamlined operations and accelerated time to market.

Google Workspace, including Google Drive, is one of the most widely used productivity tools across various organisations due to its collaboration features. However, this increase in productivity comes with a price. Vibert emphasised, "more security, privacy, and compliance risks are introduced to the business." Balancing the benefits of these tools with their inherent risks is a challenge for many security professionals.

2. Visibility and Control Challenges

Jeffrey May highlighted the difficulty in achieving visibility and control over data within Google Drive. He emphasised that the default settings of Google Workspace often do not provide adequate visibility into the sensitive data stored and shared within the organisation.

"If you can't see it, you can't protect it," May noted. Even with higher-tier subscriptions that offer more enterprise-level features, security teams often struggle to keep track of data movements and access within Google Drive.

3. Human Error: The Leading Cause of Data Breaches

The trio discussed the fact that human error is the leading cause of data breaches in Google Drive.

Citing an IBM study, Vibert revealed that "95% of data breaches are the result of human error." Examples such as the American College of Pediatricians and the UK NHS leaving sensitive files publicly accessible were mentioned to illustrate this point. These incidents highlight how easily files can be accidentally shared with the wrong audience, leading to significant compliance and reputation risks.

4. The Need for Subtle Security Measures

Finding the balance between security and productivity requires subtle and user-friendly security measures. James Moos discussed the use of warning prompts or banners when sharing files externally. "It's not going to massively change the outcome if someone's determined or not paying attention, but it can just be enough to catch people that want to do the right thing," he explained. This approach aims to build a human firewall by making employees more aware of their actions without significantly hindering their workflow.

5. Leveraging Metomic for Automated Controls

The importance of leveraging DLP technology like Metomic to automate security controls within Google Drive was also highlighted. Jeffrey May mentioned the effectiveness of tools that automatically change sharing permissions after a set period, thereby minimising the risk of outdated, sensitive data being accessible to unauthorised users.

"Being able to say, for example, 'yes, you can share that file publicly, but after 14 days, that share is going to be changed back to restricted.' That's incredibly valuable for us." Such automated controls help manage security risks without disrupting business operations.

To learn more about the risks of Google Drive, watch the webinar in full here.

Check if your Google Drive is leaking sensitive data

It’s scary how easy it is to upload sensitive data to Google Drive and share these files and folders with other people - not just within your company, but potentially beyond that too.

With our FREE Google Drive Scanner, you can:

  • See how secure your Google Drive account is in seconds.
  • Discover who still has access to your files, and who they were created by.
  • Find risky files exposed publicly to anyone on the internet
Table of content
Table of contents
Table of contents
Table of contents
Table of contents
Table of contents

Metomic

In our most recent webinar, Metomic CEO Rich Vibert was joined by Oyster's Director, Sr. Managing Counsel, Trust & Technology, Jeffrey May, and Payfit Espana's Vice President IT & Security, James Moos delved into the complexities of data security within Google Drive, discussing the benefits and risks of using this popular SaaS tool.

Here are five key takeaways from the webinar that shed light on the importance of balancing productivity and security when using Google Drive:

1. The Dual-Edged Sword of SaaS Tools

Rich Vibert kicked off the discussion by highlighting the exponential growth in SaaS applications. He noted, "From 2020, there were about 80 SaaS applications per organisation. By 2023, that number has risen to about 130 and continues to increase." This surge is driven by the need for streamlined operations and accelerated time to market.

Google Workspace, including Google Drive, is one of the most widely used productivity tools across various organisations due to its collaboration features. However, this increase in productivity comes with a price. Vibert emphasised, "more security, privacy, and compliance risks are introduced to the business." Balancing the benefits of these tools with their inherent risks is a challenge for many security professionals.

2. Visibility and Control Challenges

Jeffrey May highlighted the difficulty in achieving visibility and control over data within Google Drive. He emphasised that the default settings of Google Workspace often do not provide adequate visibility into the sensitive data stored and shared within the organisation.

"If you can't see it, you can't protect it," May noted. Even with higher-tier subscriptions that offer more enterprise-level features, security teams often struggle to keep track of data movements and access within Google Drive.

3. Human Error: The Leading Cause of Data Breaches

The trio discussed the fact that human error is the leading cause of data breaches in Google Drive.

Citing an IBM study, Vibert revealed that "95% of data breaches are the result of human error." Examples such as the American College of Pediatricians and the UK NHS leaving sensitive files publicly accessible were mentioned to illustrate this point. These incidents highlight how easily files can be accidentally shared with the wrong audience, leading to significant compliance and reputation risks.

4. The Need for Subtle Security Measures

Finding the balance between security and productivity requires subtle and user-friendly security measures. James Moos discussed the use of warning prompts or banners when sharing files externally. "It's not going to massively change the outcome if someone's determined or not paying attention, but it can just be enough to catch people that want to do the right thing," he explained. This approach aims to build a human firewall by making employees more aware of their actions without significantly hindering their workflow.

5. Leveraging Metomic for Automated Controls

The importance of leveraging DLP technology like Metomic to automate security controls within Google Drive was also highlighted. Jeffrey May mentioned the effectiveness of tools that automatically change sharing permissions after a set period, thereby minimising the risk of outdated, sensitive data being accessible to unauthorised users.

"Being able to say, for example, 'yes, you can share that file publicly, but after 14 days, that share is going to be changed back to restricted.' That's incredibly valuable for us." Such automated controls help manage security risks without disrupting business operations.

To learn more about the risks of Google Drive, watch the webinar in full here.

Check if your Google Drive is leaking sensitive data

It’s scary how easy it is to upload sensitive data to Google Drive and share these files and folders with other people - not just within your company, but potentially beyond that too.

With our FREE Google Drive Scanner, you can:

  • See how secure your Google Drive account is in seconds.
  • Discover who still has access to your files, and who they were created by.
  • Find risky files exposed publicly to anyone on the internet

In our most recent webinar, Metomic CEO Rich Vibert was joined by Oyster's Director, Sr. Managing Counsel, Trust & Technology, Jeffrey May, and Payfit Espana's Vice President IT & Security, James Moos delved into the complexities of data security within Google Drive, discussing the benefits and risks of using this popular SaaS tool.

Here are five key takeaways from the webinar that shed light on the importance of balancing productivity and security when using Google Drive:

1. The Dual-Edged Sword of SaaS Tools

Rich Vibert kicked off the discussion by highlighting the exponential growth in SaaS applications. He noted, "From 2020, there were about 80 SaaS applications per organisation. By 2023, that number has risen to about 130 and continues to increase." This surge is driven by the need for streamlined operations and accelerated time to market.

Google Workspace, including Google Drive, is one of the most widely used productivity tools across various organisations due to its collaboration features. However, this increase in productivity comes with a price. Vibert emphasised, "more security, privacy, and compliance risks are introduced to the business." Balancing the benefits of these tools with their inherent risks is a challenge for many security professionals.

2. Visibility and Control Challenges

Jeffrey May highlighted the difficulty in achieving visibility and control over data within Google Drive. He emphasised that the default settings of Google Workspace often do not provide adequate visibility into the sensitive data stored and shared within the organisation.

"If you can't see it, you can't protect it," May noted. Even with higher-tier subscriptions that offer more enterprise-level features, security teams often struggle to keep track of data movements and access within Google Drive.

3. Human Error: The Leading Cause of Data Breaches

The trio discussed the fact that human error is the leading cause of data breaches in Google Drive.

Citing an IBM study, Vibert revealed that "95% of data breaches are the result of human error." Examples such as the American College of Pediatricians and the UK NHS leaving sensitive files publicly accessible were mentioned to illustrate this point. These incidents highlight how easily files can be accidentally shared with the wrong audience, leading to significant compliance and reputation risks.

4. The Need for Subtle Security Measures

Finding the balance between security and productivity requires subtle and user-friendly security measures. James Moos discussed the use of warning prompts or banners when sharing files externally. "It's not going to massively change the outcome if someone's determined or not paying attention, but it can just be enough to catch people that want to do the right thing," he explained. This approach aims to build a human firewall by making employees more aware of their actions without significantly hindering their workflow.

5. Leveraging Metomic for Automated Controls

The importance of leveraging DLP technology like Metomic to automate security controls within Google Drive was also highlighted. Jeffrey May mentioned the effectiveness of tools that automatically change sharing permissions after a set period, thereby minimising the risk of outdated, sensitive data being accessible to unauthorised users.

"Being able to say, for example, 'yes, you can share that file publicly, but after 14 days, that share is going to be changed back to restricted.' That's incredibly valuable for us." Such automated controls help manage security risks without disrupting business operations.

To learn more about the risks of Google Drive, watch the webinar in full here.

Check if your Google Drive is leaking sensitive data

It’s scary how easy it is to upload sensitive data to Google Drive and share these files and folders with other people - not just within your company, but potentially beyond that too.

With our FREE Google Drive Scanner, you can:

  • See how secure your Google Drive account is in seconds.
  • Discover who still has access to your files, and who they were created by.
  • Find risky files exposed publicly to anyone on the internet

Metomic

Latest posts

How Can You Balance Productivity with Security in SaaS Applications?

This article explores this intersection, offering key insights into the trends, challenges, and strategies for maintaining an optimal balance between efficiency and data protection when dealing with SaaS apps.

Blog
Enabling workforce productivity with SaaS

2024’s Security Challenge: Enabling workforce productivity with SaaS and Generative AI, while staying secure and compliant

The SaaS revolution, which has now been accelerated by AI, has been a godsend when it comes to enabling productivity, but, it has also brought with it its fair share of concerns

Blog