Google Workspace Data Policies

Learn how to set up SpinOne Data Policies in Google Workspace to control unwanted and risky Drive Files Sharing inside and outside your organization.

Written By Davit Asatryan (Administrator)

Updated at February 22nd, 2023

Shared Items Control Policy

The following policy allows administrators to set conditions on Drive file sharing from their organization.

Conditions can be created by:

  • File name - The full name or part of the name of a file. Multiple file names can be entered simultaneously.
  • Check all domains - Enabling this feature detects all sharing to outside of your organization.
  • Check domains, users or groups - The policy will only the selected domains, users or groups.
  • Check shared by link - The policy will detect sharing where the file has been shared with an entire domain or is available for anyone with the link.
  • Allowlist for domains, users or groups - Enter domains, users or groups here that should be allowlisted, and the condition should not alert/block for.
  • Check for non-owner file sharing - The rule will detect when a file has been shared by another user who is not the owner. Please keep in mind this policy is not available for Google Workspace Basic users.

Actions can be created by:

  • Revoke sharing permissions - If file sharing is detected that matches the conditions, enabling this action will revoke the detected sharing.
  • Send notification - A notification will be sent to the administrator when file sharing that matches the conditions has been detected.
  • Send notification to owner - A notification will be sent to the owner of the file.
  • Change the owner - The ownership of the file will be changed to the selected user.
  • Suspend user - The user's Google account will be suspended if the conditions are met.

Ransomware Protection

The following policy enables SpinSecurity's AI powered 24/7 Ransomware Protection for Gmail, Google Drive and Shared Drives.

No conditions can be set in this policy.

Actions can be created by:

  • Restore encrypted files automatically - Once the Ransomware attack has been stopped, this action will allow SpinSecurity to automatically restore previously safe backed up versions of all files that were encrypted by Ransomware.
  • Revoke an access - Once a Ransomware attack has been detected, enabling this action allows SpinSecurity to revoke access to the 3rd party application that is causing the encryption. This is key to stop the Ransomware from spreading and infecting more files!
  • Send notification - Administrators will receive a notification once a Ransomware attack has been detected, once it has been stopped, and once the recovery has successfully finished.

Sensitive Data Detection

The following policy detects and notifies when Sensitive Data is detected within Gmail.

Conditions can be created by:

  • Internal Mail Filter - SpinOne will skip all emails that contain sensitive information.
  • Threshold - A score rating from 1 - 100 per file, allowing you to specify the threshold for alerts
  • Sensitive Data Types - Choose from 15 out of the box types of sensitive data for the policy to detect

Actions can be created by:

  • Send notification - Upon detection of Sensitive data, a notification email will be sent to the specified channels.

Was this article helpful?