How to Make Google Drive Secure? [Solved]
When your data is secure follow these
- Pre-encrypting your files
- SOS has an optional function called client-side encryption, sometimes called "zero knowledge." Most cloud backup services keep a copy of your encryption keys, so they can access the files in your account. With client-side encryption, only you can unlock your cloud data.
- Google Drive does not use client-side encryption. So if you don't want Google to have its own set of keys to your cloud files, you have to take a few extra steps. One option is to put your files inside a ZIP file, put a password on that, and send it to the cloud. This has to be done manually, however, so it's pretty inefficient and tedious if you need to handle a large volume of files.
- Using Boxcryptor
- Beefing up your Google account password
- Two-step verification
- Two-step verification is well supported on the Android ecosystem and should be considered a must-have for anyone who uses Google Drive.
- Although it isn't difficult to set up, it does take a bit of time and effort.
- Employ encryption
- Wireless security
- Never use your Google Drive account when you're on an unsecured wireless network. If you find yourself on an unsecured network, turn Wi-Fi off on the device and use your carrier's 4G network.
Another Way to Make Google Drive Secure?
An equally relevant question is, “How secure is your data in Google Drive?”
Gartner predicts that 95% of cloud security breaches will be the customers’ fault. You cannot ignore the shared-responsibility model for cloud security. The cloud provider is responsible for infrastructure-level security, but the cloud customer is ultimately responsible their data does not end up in the wrong hands. Enterprise cloud providers like Google invest extensively in the security of their platforms. It is typically much simpler for attackers to infiltrate a company’s usage of a cloud application than to expose a vulnerability on the cloud provider’s end.
A couple examples:
- Compromised Account: A hacker steals an employee’s username and password for their corporate Google Drive account. The attacker can then login and steal data without setting off alarms. Just a couple months ago, the press reported on the first ever Office 365 global administrator credentials for sale on the Darknet.
- Insider Threat: An employee has plans to leave the company for a competitor. Before leaving, he logs into the corporate Google Drive and downloads the plans for a new project he is working on. The company only discovers the theft after it is too late. This scenario played out at Zynga, which recently sued a former employee for stealing plans for a new game from Google Drive.
- Over-Sharing: An employee is working on a press release with a contractor outside the company. Rather than restricting access to specific email addresses, the employee creates a shareable link and sends it to the contractor. Now sensitive data is potentially at risk of being forwarded and viewed by anyone with the link. This phenomenon is much more common than you might think: Of all files shared externally, 9.3% contain sensitive data.
In short, the security of data in a cloud application is just as much a factor of your own security controls as those of the cloud provider. Behavioral monitoring, encryption with customer-managed keys (BYOK), and multi-factor authentication are all steps that can help address the above risks.