Let’s look at practical ways to increase the security of your Google Drive account and prevent unauthorized access to your files.
1. Secure Your Google Account
Since Google Drive is under your wider Google account (along with services like Gmail and YouTube), it’s vital to keep your Google account locked up. If you use a weak password, don’t have two-factor authentication activated, or make other security mistakes, your Google Drive account could be compromised more easily.
Follow our guide to securing your Google account to beef up your basic account security. This will go a long way in keeping Google Drive secure, even before you move to Drive-specific advice.
2. Share Files Wisely
Since sharing files in Google Drive greatly increases the number of people who can access them, you must be careful when sharing. See tips for managing shared files on Google Drive if you need a refresher on the fundamentals.
When possible, you should share folders and files only with specific people who need access. Choosing to share with anyone who has the link is convenient, but keep in mind that anyone who gets the link can share it with as many other people as they like.
For content you do make available to anyone with the link, it’s wise to restrict those people to the Viewer or Commenter level. Allowing anyone with the link to be an Editor could lead to people tampering with your files.
3. Don’t Let Other Editors Change Permissions
If you invite others to edit your Google Drive files, you should disable the option that lets those people add additional editors. This means that you are the only one who decides who’s allowed to make changes to the document.
To tweak this, click the Share button on a folder or document, followed by the Gear icon at the top-right of the Share with people and groups section. Uncheck Editors can change permissions and share to reduce the control others have.
For files, you can also disable Viewers and commenters can see the option to download, print, and copy. This makes it harder for people to copy the information elsewhere, though it’s not foolproof (they could take a screenshot, for example).
4. Review Shared Documents Regularly
Just because you shared a file with someone a while ago doesn’t mean that the person always needs access to it. It’s wise to regularly audit the documents you’ve shared on Google Drive and remove shared permissions from anyone who doesn’t need them.
Unfortunately, Google Drive doesn’t offer a way to see all files you’ve shared in one place. There’s no filter for this in the advanced search, and Shared with me shows incoming shared files, not outgoing ones. As a result, the only way to check who you’re sharing a file or folder with is by opening its sharing menu.
This is time-consuming, so we recommend a third-party solution: WhoHasAccess. It’s a free tool that scans your entire Google Drive account for shared files and folders, shows your current sharing setup, and lets you remove people. Give it a try if you have more than a handful of shared files.
5. Audit Linked Google Drive Apps
Since linked apps potentially access lots of data in your account, you should confirm that you still trust and use all the apps you’ve linked to Google Drive. To see them, click the Settings cog at the top-right of the Drive window, then go to Settings > Manage Apps.
Here, you’ll see a list of apps you’ve connected with Google Drive. The Use by default box lets you choose to open compatible files from your Drive in that app—for example, loading JPEGs into a photo editor.
In some cases, you’ll notice deleted apps that are using “hidden app data.” To remove an active app, click Options and choose Disconnect from Drive. For inactive apps, choose Delete hidden app data from Options if you don’t want to keep the leftover files.
Like tidying your browser extensions, you should remove any apps that you no longer use. The fewer apps you have connected to Drive, the smaller your potential attack surface is.
6. Encrypt Files Before Uploading
The above tips focus on keeping your Google Drive data safe from other people. But this isn’t the only threat to your files.
Since you don’t own the encryption key to files you upload to the service, Google could theoretically access what you add to Google Drive. And if an attacker ever breached the service, your data would be available for the taking.
Thus, for an additional layer of security, it’s smart to encrypt your files before uploading them to Drive. Without your encryption key, Google, or any malicious individual, won’t be able to read your files.
Follow our guide to encrypting files to learn how this works. Once you’ve encrypted your data locally, you’ll enjoy more protection from others trying to snoop. For more protection, you might consider a dedicated tool for increasing Google Drive security, like Cryptomator.
7. Don’t Use Google Drive for Sensitive Files
While you can do a lot to protect the files you upload to Google Drive, you should avoid putting anything highly sensitive on the service. Google uses industry-standard encryption to protect your data, and you can keep it safe using the above tips. But when you put files on someone else’s server, you can’t guarantee their safety.
Keeping vacation photos, blog drafts, or scratch Google Sheets files in Google Drive doesn’t pose much risk because those wouldn’t be risky if exposed. But for maximum security, you shouldn’t upload documents with personal info like your Social Security number, files that contain passwords or backup codes, or other sensitive data. Those would cause a lot more damage if they were exposed.
Remember that you trust Google with all files that you upload to its service. Don’t add anything that would be catastrophic if leaked.
Securely Lock Your Google Drive Account
We’ve looked over key tips for protecting your Google Drive account. In summary: don’t neglect Google account security, be careful who you share files with, and don’t upload anything to Google Drive that’s sensitive.
If you use other cloud storage services, you should take the time to keep those accounts secure, too.