Skip to content

Addressing File-Level Encryption in Google Apps

3 minute read

ltgreen cloud

There’s no doubt that Google Apps is staking a claim in the market; studies indicate that usage of the Google ecosystem and its various apps has only increased in the workplace (in some cases by a lot: Google Hangouts had a 133 percent increase between 2013 and 2014).

It has also become clear that a widespread migration to the cloud is inevitable: By 2020, 80 percent of organizations are expected to be fully using the cloud. Of course, the cloud offers a myriad of advantages: it makes collaboration seamless, makes files easily accessible anywhere, and it allows employees to be more productive and efficient. But the cloud also brings with it a unique set of security challenges. And as more and more companies adopt Google Apps or other cloud providers, it’s paramount that they pay attention to major risk factors and deploy the right solutions. File-level encryption is one such solution that can really make a world of difference in maintaining security in the workplace.

One of the major threats to security in Google Apps is the use of mobile devices to access company data—which, frankly, is one of the major draws of using the cloud in the first place. What the problem comes down to is that files synced to mobile devices on Google Drive lose their default encryption, leaving them vulnerable to a data breach if they fall into the wrong hands. To Google’s credit, Google takes security seriously. Files stored in Google Drive at rest are comprehensively secured. Additionally, Google allows you to control your settings, keep an audit trail, easily reset passwords, deploy 2-step verfication, and create custom alerts. The mobile device issue isn’t unique to Google. It’s an oversight that all cloud sync-and-share solutions share. But it’s a major problem. Here’s an example:

Say an engineer syncs a folder to her Google Drive account so she can add some finishing touches to a presentation at home and then take the files to an off-site meeting the following day. Unfortunately, she leaves her phone in a taxi on the way back from the meeting and someone finds it, finds the now-unencrypted synced files, and has access to private client data, corporate financial information, and intellectual property. That’s bad news for the engineer, the client, and the company, which now has to contend with financial damages and a marred reputation.

An estimated 70 million smartphones are lost every year. In addition to lost smartphones, one should also consider the number of phones that get stolen, as well as lost and stolen tablets, laptops, and flash drives. It’s easy to see how a lot of sensitive information can fall into the wrong hands. Human error is inevitable, but what can companies do to prevent data loss in situations like these?

That’s where file-level encryption comes in, which is a solution that can really make a world of difference in maintaining security in the workplace. Data encrypted at the file level stays encrypted wherever it goes—even when it’s synced to mobile devices. What’s more, it’s easy to deploy and adds a transparent layer of protection to Google Drive, meaning that it won’t change the way you work at all. File-level encryption would render the engineer’s files unintelligible to anyone but her and users she’s authorized, preventing a data breach and letting her clients rest easy.

File-level encryption keeps data safe in other situations, too. For instance, many data breaches occur because of dumb mistakes, like sending the wrong attachment or misaddressing an email. But if you send an attachment that’s been encrypted at the file level, only specified recipients can open it; if you accidentally send it to the wrong person, they simply won’t be able to retrieve its contents. No harm, no foul.

It’s true that data breaches seem to occur almost daily lately, and as more companies consider moving to the cloud and using Google Drive to store and share their corporate data, the question of security becomes an increasingly important one. The threat of data loss can be a barrier to cloud adoption for some organizations, but it shouldn’t be the reason companies stay stuck in the past. Maintaining security on mobile devices and mitigating user mistakes should be security priorities—and deploying file-level encryption for Google Drive is a simple and effective place to start.

Sign up for our newsletter