Prevent External Access to Sensitive Group Information
To prevent the Executive Group's settings from being changed to public or external, we need a process that automatically sends an email notification to the IT Team and updates the Group's Membership/Permission Settings to stop sensitive company information from being shared externally.
This Workflow will notify the IT Team that the group’s settings have been changed to “Anyone Can Join” and automatically set the desired membership settings to prohibit executive information from being shared externally.
Here is one example of how to prevent external access to group information, but we will give other examples towards the end of this article.
The examples below will not only prevent external members from being added to the group, but it will also change the settings to ensure the group’s information is not viewable by the public.
1. Groups: ‘Anyone Can Join’ Alert
The desired threshold of the Google “Groups: Anyone Can Join Alert” system Alert will need to be configured in the Alerts Manager section of the platform.
- Please note: You can continue to edit the configurations of the Alert once the Workflow has been created, but for this Use Case we will be keeping the alert’s threshold at 0.
2. IF the Group Is…
Select the IF 'Group is’ condition in your Workflow to target the Executive Group.
3. Send Group an Email
Next, use the “Send Email to Group” action to notify your IT Team of the change in the Executive Group’s settings. Then use the Subject and Body fields to configure your custom email message.
4. Set Group Membership Settings
Lastly, select the “Set Group Membership Settings” action in your Workflow to enforce the group settings and stop sensitive company information from being shared externally. This action will set the targeted group's membership settings, such as who can join the group and if the group allows external members, for example.
In this use case, we are changing all membership settings to ensure the group is locked down. You can select the 'No change' option to leave some group settings as they are, however, we will be changing the highlighted settings.
The Google “Groups: Anyone can Join” alert will take care of the group’s membership settings, but you can also use the “Groups: Anyone Can View” and “Groups: Allow External Members” alerts to ensure that the other group settings will not be changed to public.
Groups: Anyone Can View
Using the same conditions and thresholds as above, select the ‘Set Groups Permission Settings’ action with the “Groups: Anyone Can View” alert to set who can view the group’s content. Additionally, you can hide the group from the Group’s Directory and the Global Address List to stop users from locating the group by search.
Groups: Allow External Members
And lastly, here’s an example of how to use the ‘Set Groups Membership Settings’ action with the “Groups: Allow External Members” alert to set who can join, view membership, add members, leave the group, and if external members are allowed in the group.
BetterCloud Reference Articles
- Using an Alert as a Workflow Event
- Groups Overview
- Google Groups
- New BetterCloud Directory: Groups
- Google Events, Conditions, and Actions in Workflows