Skip to main content
All CollectionsHOW-TO guides
How to remediate Google Drive files
How to remediate Google Drive files
Reco Product Management avatar
Written by Reco Product Management
Updated over 2 years ago

When files are shared too broadly, they can pose a security risk by exposing data to a broader audience than necessary. To resolve such issues, it’s recommended that file permissions be reduced to include only those who need access to the information in order to perform their jobs. The process of updating permissions in order to mitigate security risks is a kind of remediation. Remediation is the process of performing a specific set of actions by a security team member in order to resolve or partially resolve a security incident. Performing remediation helps you protect your business:

  • removing the threat of data exposure

  • minimizing risk by stopping the exposure of data already accessed without business justification

Reco helps manage file sharing for your security team by:

  1. continuously monitoring the files that are found in any of the sources you have connected

  2. identifying and prioritizing incidents based on the risk that the related events pose to your business

  3. alerting on security risks and guiding you through the recommended remediation, also based on your business processes

Depending on the issue, Reco can recommend relevant steps and guide you through remediation. By working with Reco, you can resolve issues significantly faster, and from within Reco, without needing to change context to multiple platforms.

When you have configured a connection to Google Drive specifically, Reco monitors, and alerts on assets that:

  • are stored on individual users’ private folders

  • accessible by users inside or outside the organization without business justification

  • have been viewed, downloaded or edited by users inside or outside the organization without business justification

  • that have been shared by users inside or outside the organization without business justification

The information provided in the rest of this article explains how to remediate issues with Google Drive files from the Incident Investigation area of Reco:

How to remediate Google Drive files

  1. From the Investigate Further area, scroll down to the Files at Risk part to understand which files pose risk:

  1. From any of the files in the list, click Remediate.
    The side panel opens with extensive access details for the specific file.


    From this view, the People with Access section lists all users who currently have access to the specific file. You can see complete details for each of these users: their name, email address, and their access level (their role) for this file.

  2. When reviewing the list of users, if you find someone who does not need access in order to perform their jobs, click Remove Access next to their name.
    About 5 seconds after you click the link, the specified user’s access is removed from the file.
    If you refresh the screen, you’ll notice their name no longer appears in the list.

  3. Scroll down in the side panel to the General Access section
    This section gives details about the overall access provided for this file. With Google files, access can be provided as follows:

    1. Restricted access - only specified users can access and only according to the permissions assigned to them explicitly; if access is restricted then most likely remediation of the incident requires removing users explicitly, as explained in the previous step.

    2. Anyone in your organization with the link - anyone inside your company can access the file if they have the link.

    3. Anyone with the link - anyone in the world with the link can access the file.

  4. If access is available by the link, click Restrict Access to update file-level access to be restricted to only those users specified.

  5. When access is updated, confirmation appears

Did this answer your question?