It’s common knowledge that – while key to successful collaboration – corporate cloud storage systems like Google Drive, OneDrive, and Box also put files at risk of exposure and exfiltration.
Common ways this happens include:
- Employees who make files available to “anyone with the link,” rather than sharing with the appropriate individuals.
- A Google Drive user who shares a file publicly on the web – meaning it is indexed by Google and available to anyone on the internet.
- Employees who rightfully share files with customers or third-party vendors, but have no process to change sharing permissions after contracts end.
These systems are often administered by IT teams and security teams can be unaware of the untrusted file sharing that takes place. When identified, security teams need to coordinate with an IT administrator to make adjustments to file-sharing permissions. This process is time-consuming and leaves data exposed for longer. Often, it doesn’t happen at all.
Using Incydr to revoke sharing permissions for cloud files
Incydr allows security teams to detect when files are shared too broadly and remove untrusted access by revoking sharing permissions directly within the console. The result are some key benefits:
Gain visibility into publicly shared files
Incydr connects to corporate OneDrive, Google Drive and Box systems to detect when files are shared incorrectly – such as with untrusted domains, anyone with the link, or made publicly available on the web. This gives security teams an understanding of their organization’s cloud risk.
Access file contents to assess risk
Security analysts can use Incydr to gain temporary access to view shared files in order to determine the sensitivity of their contents. This helps analysts to quickly decide if remediation is necessary, and means analysts don’t need to request access from their cloud storage administrator.
Revoke file-sharing permissions with the click of a button
Incydr allows security teams to quickly remediate improper file sharing using a streamlined workflow that eliminates the need to work inside OneDrive, Google Drive or Box. Security teams can change file permissions directly within Incydr. In many cases, this can be done before the file is even viewed by anyone external to the organization.
Change file-sharing behavior to prevent future risk
Incydr can automatically send Code42 Instructor videos to correct employees and train them on how file sharing should be done. This reduces the number of untrusted shares moving forward.