If you are a company that uses Google Workspace, you could be on the verge of being overloaded with emails and broken links. A new Google security update is coming to Workspace and Google Drive that could create a pile of access requests, and headaches for admins.
Beginning in Fall 2021, in order to open certain files on Drive for the first time, users will need a special URL with a resource key attached. That most likely includes files that are accessed internally, or through a shared link via email.
If acted upon quickly, admins can get out in front of this update, and make sure they are ready when the update is enforced.
The proper security of a collaboration suite like Workspace is an ongoing process that involves attention and maintenance. Patch management, identity management, and communication plans are key to making sure there are no hiccups in your operations over time.
If it sounds like you need a helping hand in managing your cloud environment, don’t go it alone any longer. Give ITSG a call at (855) 4IT-GUYS, or get on our schedule for a cloud audit now.
Table of Contents
What does the new Google security update do?
The update is a standard security update to Google Workspace and Google Drive. The purpose of the update is to make sharing links more secure by adding a resource key to URLs upon a user’s first access.
Those who have viewed a specific file once already will no longer need a resource key to access it. Those who created the files or are already set as “owners” of the file will not need a resource key.
Who is affected?
The security update will take effect for all users of non-education Google Workspace environments, as well as personal users and those still with G Suite accounts.
The overwhelming effect of the update will be felt by admins, who could be inundated with access requests from users in their organization. End users who own files that they collaborate on or distribute will also receive access requests for each of their files from each new user.
The process will be a slow one, as users will access many different files over time, and each new attempt to access will trigger a request if not dealt with early. This could lead to multiple waves of requests.
By default, the update will be applied to all files. Admins can reduce the number of access requests by exempting files from the update.
What is the timeline?
Before July 23, 2021
Leading up to July 23, 2021, Workspace admins can choose how the update will apply to files in their environment.
Admins who get in early can go to the Admin console home page, go to Apps/Google Workspace/Drive and Docs/Sharing settings/Security update for links. You can now choose how you want to apply the changes:
- Apply the security update with no option for users to remove it
- Apply the security update with the option for users to remove it
- Remove the security update entirely
Make your choice and save your changes.
July 26, 2021
Starting on July 26, users will be notified by Drive if any items they own or manage will be affected. If the admin chose to let users exempt their files from the update, users can now do so.
September 13, 2021
If no changes have been made by admins, the update will be enforced and go into effect on September 13.
How do I navigate it?
If you are the admin of a Google Workspace environment, get out ahead of the update and decide how you want it to be applied. Use the directions above to make those changes in the Google Workspace admin console.
To see how many of your files will be affected, head to the Google Workspace Alert Center, and look for any alerts that read “Security update for Drive.”
Don’t wait until September and get caught off-guard. Make sure you avoid a mountain of access requests and broken links by devising a plan today. Also, take time to formulate a communication plan so the users in your environment know how to approach the update as well.
If any of these steps sound overwhelming, you are not alone. IT Support Guys helps many businesses manage their cloud security daily, and we can help yours too. Give ITSG a call at (855) 4IT-GUYS, or get on our schedule for a cloud audit today.