File Management – Changing ownership or file access rights with GAT Unlock
GAT Unlock is tightly integrated with the powerful search and filter options available in GAT+. This means you only have to do things once.
In this example we are going to find all the spreadsheets owned by the group ‘Support’ that are shared externally, then we will remove the external sharing and change the ownership (on all the selected files at once).
TIP: Always narrow the file request with a search first – saves time and makes approval simpler.
Step 1: Click on the ‘Apply custom filter’ button in Drive Audit.
Step 2: Select the following option:
- First, we can select “Long search”.
- We search for OU (/Support) – and select the Sub. Org and Owned (only owned files by the Org. Unit)
- Click the checkbox option ‘Owned only’, this will show all the files owned by ‘Suppor’ group. Otherwise, it would show all of the files associated with ‘Support’ group, were Support shows up as Owner, Editor or Reader.
- Once the long search completes – Open “Apply custom filter” add extra rules Type equal to Spreadsheets and to add another search parameter click on ‘Add rule’ button and select ‘Sharing Flag’ to ‘Shared Out’. Selecting shared out will only focus on files leaving your domain.
Apply the filter will find files from Support that is a spreadsheet and are shared out.
Step 3: Next click on the ‘Toggle Selectable’ button, this will allow you to select files individually or all of them at the same time.
Note: You can not perform actions on a ‘Suspended’ account.
Step 4: Click on the button ‘File operation’ and then select the ‘File Management’ option.
Step 5: In this example, we are removing external access to the spreadsheets and making the manager the owner of all the files.
When you click on the ‘Send request’ button, an email is going to be sent to your security officer.
If the security officer approves your actions, they will be executed and you will be notified.
If permission is not granted by the security officer, you will also be notified and no actions will be taken.
Access Permissions Granted – How to silently copy or view files
We are going to use a powerful search feature inside of GAT+ Drive audit to identify the contents of documents we’re going to investigate. The feature is called “Full Content Search”
Step 1: Click on the ‘Long search’.
Step 2: Select “Full content search”
Then select the expression or an individual word you would like to search for example
“Full content search” –
The “Query” is the term we are searching for, then we select the Org. Unit (“Support” in this example) and if we like we can include all the Sub. Org.
Step 3: Now, that the search is complete, click on the ‘Actions” and select the green icon
Then the results will be displayed.
Step 4: Click on the ‘Apple custom filter’ button to build on top of the current filter.
We are going add another search parameter on top of the current filter. Select the ‘Updated’ parameter, for our example, I’m going to look back a few months. This will show us files which contain the sentence “private and confidential” and which have been updated since Feb 1st, 2018.
Step 5: Select the files you are interested in and select the toggle button.
Step 6: Click on the ‘Files operation’ button and then select ‘Access permissions granted’.
Step 7: Next we will select a date in the future, we will have access to these files until this date. You have an option to write to your security officer explaining why you need access to these files.
Send the request to the Security Officer(s) for approval.
The following email will be sent to the Security Officer
The Security Officer can click on the link in the email and will be taken to the approval area in GAT+.
When the Security Officer grants access an email will be sent to the requesting Administrator/delegated auditor informing them. The Administrator from the ‘Access permission granted’ menu can see the full list of their access requests along with the time left for each request to remain valid.
Once the request is selected, the requestor can download documents or view the contents silently without the owner’s awareness.