Google recently announced a security update that will impact file access to some Drive files. The update is a positive change because it’s making Drive files more secure, giving you as an admin more peace of mind. You have control as to whether or not you apply the update and how it is applied to your domain, however, it’s highly recommended.
What’s changing with Google Drive and my file links?
After this security update has been applied, users who have viewed a file in the past and still have permission to access that file will not see changes to their access. But, if a user has not viewed a file before, they will now have to use a URL containing a resource key to gain access. Again, nothing will change for users who have viewed files in the past or who have direct access to the file; they do not need a resource key. The resource key is only needed for those who haven’t viewed the file before, like someone new to a project or a new team member.
Admin updates and next steps
As an admin, you can choose one of three options for how to apply this update to your organization:
- Apply the security update with no options for end users to remove it.
- Apply the security update, but end users can remove it for specific files.
- Do not apply the security update (again, not recommended.)
You may think this doesn’t apply to your domain if you don’t currently have impacted files. Still, this update will apply to impacted files in the future. It’s important to understand how option 1 or 2 would impact your organization and which option is best.
A step-by-step guide to walk through the security update in Admin Console is available here.
End user deadlines and decisions
Administrators should communicate these changes to their team, especially if they select option 2 and give end users the option to remove the security update for specific files. End users will be notified of this update and any impacted files that they own or manage on July 26. From then until August 25, end users can decide to remove these files from the security update.
For files that are impacted and require a resource key, users that do not present the resource key will be taken to a page with a “Request Access” option so they can get permission to access files.
How to see what files will be impacted
We know that as someone reading this, you like to plan ahead. We like people like you. Keep in mind this security update is about protecting sensitive data, which will vary by organization. Given the nature of this information, a full list of impacted files, shared drives, and users will not be provided ahead of time. As an admin, you will not be able to determine what files are affected at this time. However, after September 13, 2021, you can search for files that have the security update applied by using advanced search query ‘is:security_update_applied’ or search for all files that have the security update removed by using advanced search query ‘is:security_update_removed’.
Timeline summary and next steps
Thinking about this update sooner rather than later will help ease the transition for you and your end users.
- Before July 23, admins must decide how to apply the update.
- From July 26 to August 25, end users will be notified and can choose how to apply the update (if applicable.)
- Beginning September 12, Drive will enforce the update and finalize by the end of September.
If you have any questions about this process or need assistance navigating Admin Console, contact our team and we’d be happy to help. If you’re a current Wursta customer, please contact your Account Manager for more details.