In this how-to, we’ll be covering you how to audit your Google Drive using GAT+.
You can watch this video instead of reading the post:
To start off click on Drive in the GAT+ dashboard.
Once we are in Drive Audit you will notice the one-click summary table. This table will allow you to see all files across your entire domain. It denotes all files by their exposure into categories. Clicking on a category will show all the files in that category.
On the right-hand side, you can see all the files in your domain denoted by file type.
If you click on any of these values you’ll be shown all the files that fall under that category. For instance, we’ll be clicking on ‘open to Public with link‘. These are the files shared in or out of my domain with a link. Using this funnel button, you can apply a custom filter. Because we had clicked on the ‘open to Public with link‘ category, GAT+ automatically applied to filter for us. Now we can add additional rules to build on the filter to produce a more narrow search. In this example, we’ll search for a file type that is a document. Now we’re seeing all documents shared in or out of my domain with a link.
To alter access rights and permissions for these documents, click on the drop-down arrows next to the editors or readers.
This file, for example, has been shared out with a link and by clicking here we can remove that permission.
Alternatively, we can do bulk removals for readers or editors. You can also remove individuals from a file. If you would like to export the data from a search, simply click on the export data button.
Here you can choose between CSV or Google sheet formats to make a more sophisticated search using a custom filter you can change the type of a filter to use a group or OU in this example, we’ll look for documents owned by marketing OU which are set to public.
You can also apply and save a filter if you use it often and find them in the saved tab. If you wish to change the ownership or add additional editors or readers to documents, you will require GAT Unlock.
After selecting a few documents, we’re going to click on file management. Here we can change ownership as well as editors and readers. By clicking on remove other permissions we’ll be severing any access rights that we have not declared above. Alternatively, we could remove individual users as editors readers or commentators.
Once you send your request your designated security officer will have to approve your changes.
If you wish to view the contents of a document silently, you can use GAT Unlock to do so. You can do this by selecting the files you wish to view and clicking access permissions granted.
Here you can see all the files you currently have requested access for and also the files for which you already have access to. For this example I’ll need to make a new request you will need to select a time frame for how long you would like access to the contents of these documents. Once this time has expired you will no longer have access to the files’ contents.
In the message box, you can let your security officer know why you need access to these files that you are investigating.
Once the request is approved by security officer you can see it in the current requests tab with a checkmark.
Clicking on activate grant will give you new options to make more actions such as downloading documents or showing you the contents of the document for further analysis and since this is all silent this will not affect the last visitor timestamp for this document. We also allow you to fix orphaned files across your entire domain.
Clicking on the orphan category in this summary table will show you all those files.
Orphaned files are files which have lost their path and have nowhere to go to fix them you can simply click on fix orphans here you can name the folder you would like to re-home the files as well as the email of the user who owns those orphaned files.
Alternatively, you can book fix all orphaned files to domain-wide by clicking process, all users click confirm to save any changes.
That concludes this GAT+ how-to.