Drive Compliance

Follow

Contents

Drive Audits/Policies allow you to automate the management of your domain’s Drive on a large scale. This functionality can drastically increase the security of your Drive and the granularity with which you control the drive.

What is the difference between an Audit and a Policy?

Audit- An audit is a one time report on which documents on your domain fit a certain criteria. You can set an audit to only look at a certain time period as well to best suit your needs.

Policy- A policy runs constantly rather than just one time and can actually take action on documents that violate its terms. You can create as many policies as you want and set them to apply to specific OUs, Users, or the entire domain.

How do I create a Drive Policy or Audit?

  1. Navigate to Google Apps> Policy > Drive from the top navigation in BetterCloud
  2. Select “Create New”
  3. Select to whom the policy or audit will apply
    • a.) select whether it will apply to an individual, everyone, a specific subdomain, or an Org Unit
    • b.) add additional people or Org Units for the policy to be applied
    • c.) add exceptions for example (this policy applied to everyone except this Org Unit)
  4. Select the conditions of the policy.
    • a.) You can select if the policy will be based on:
      • -The sharing settings of the documents
      • -With whom the documents are shared
      • -The content of the documents*
    • b.) Add additional conditions to the policy and determine if the policy shall apply only if all conditions are met, or if ANY of the conditions are met

    *Currently, only documents that are shared Externally, Publicly or with the entire Domain will be found.

  5. Select the actions to be taken.

    If this is an Audit you can,

    • a.) Choose to have the findings of the Audit emailed to yourself and/or others at your organization.
    • b.) Set a date range for the Audit to scan
    • c.) Name the audit

    If this is a Policy you can,

    • a.) Set the actions that will be taken on documents that violate the policy
      • Flag as violations
      • Change Sharing Settings
      • Change all editors to viewers
      • Transfer Ownership
      • Send customized email to owner of document
      • Remove collaborators
    • b.) Add additional actions to be taken
    • c.) Set the start date of the policy. (This means the policy will only apply to documents created after this date)
    • d.) Name the policy
  6. Click

Conditions

You can search within documents by using any of our pre-defined expressions, entering in a keyword, or writing your own Regular Expression. The following document types can be scanned with the Content Condition:

Google:

  • Google doc
  • Google spreadsheet
  • Google presentation
  • Google drawing
  • Google form

Non-google:

  • pdf
  • zip
  • csv
  • Microsoft Doc
  • Microsoft excel
  • gzip
  • seven z
  • tx
There are several pre-defined conditions and expressions you can use:
 
Sharing Settings - Searches for documents that are set at different levels of exposure.

 
Shared With - Searches for documents that are shared with certain users or domains.
 
 
Content - Searches for specific content inside a document by use of Regular Expressions. We include the following, but you can create your own if you wish.


Owner - Searches for documents that are either owned or not owned by a particular user.
 
 
Size - Searches by size
 
 
File Types - Searches by file type
 
 
File Name - Searches by file name
 

Can I customize the email that is sent to users who violate a policy?

Yes, if you select Send Message as

Then you can customize,

    • a.) The name of the template
    • b.) who the message is sent to (usually the owner of the document that is violating the policy)
    • c.) who replies to the message are sent to
    • d.) who should be BCC’d on the email
    • e.) the subject of the email
    • f.) the body of the email (you can use the dynamic fields on the right to populate this)
    • g.) whether or not you would like to save this template to use again in the future

Can a user request a document be marked as an exception to the policy?

Yes and the admin has the option to mark it as an exception this time or to mark it as an exception for this policy and all future policies.

How long does it take for BetterCloud to notice that a document is violating a policy?

After an initial scan upon Policy creation, BetterCloud will receive push notifications from Google to update document data in BetterCloud in near-real time (within 30 minutes) of the document's creation, or of a change being made to an existing document.

Important / Requirements

Compliance Policies allow you to maintain certain sharing settings across your organization's Google Drive. (To read about our Drive auditing tools, click here.)

In the Google Admin Console, you must have "Files owned by users in domain can be shared outside domain" enabled, to allow our policies to take actions on your behalf. It is not possible to override your Admin Console Settings from within BetterCloud.

To ensure that this setting is enabled in the Admin Console, navigate to admin.google.com > G Suite > Drive and Docs > Sharing Settings: 

Google Related Article

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request