Sensitive data on Google Drives puts companies at risk
New research from Metomic finds that 40 percent of Google Drives hold sensitive data that could put an organization at risk of a data breach or cybersecurity attack.
The research scanned around 6.5 million Google Drive files and also shows that 34.2 percent of all the files scanned were shared with external contacts (email addresses outside of the company's domain) and more than 350,000 files (0.5 percent) had been shared publicly, giving access to anyone who had the document link.
Among the files identified as containing sensitive information -- including confidential employee contracts and spreadsheets full of passwords -- 18,000 files were flagged as 'Critical Level' data files, meaning the information contained 'Highly Sensitive' data or the file permissions were not applied securely.
"Google Workspace has more than 3 billion users. With so many businesses leveraging Google Docs, Google Sheets and Google Slides -- and sharing those docs with partners, customers, consultants, vendors and anyone else they do business with -- it's mind-boggling to think of how much sensitive data is accessible to people outside of an organization and how blind most security teams and business leaders are to this," says Rich Vibert, CEO of Metomic. "Our Google Scanner Report puts a spotlight on the amount of vulnerable data living in Google Drives around the world, underscoring just how critical it is that businesses know what data is being stored, where it is stored, and who has access to it. The best way to prevent a data breach is to protect your business' vulnerable data so that it does not end up in the wrong hands. Metomic's Google Scanner Report makes clear how big of a challenge this is for IT and security teams who are struggling to a balance between protecting their company's reputation and ensuring employees have access to effective SaaS tools that drive collaboration and productivity across the business."
The full report is available from the Metomic site.