How to Control External Access to Offboarded Users’ Shared Files

Employee offboarding is a task that HR, IT, and Security teams handle today more often than ever before. As worker mobility continues to increase–both in the form of voluntary job changes and what NIST gently terms “unfriendly” terminations–the ability to seamlessly and securely offboard employees is critical, and failing to do so has serious security implications.

June 24, 2024
authors
Nate Abbott

As the use of file sharing platforms like Google Drive has grown, and the volume of sensitive data stored within them has increased along with it, businesses need to consider a range of compliance and policy-related issues when files are shared outside of the organization–and these issues often become even more pressing when an employee is offboarding and their shared files are transferred.

Don’t Let Shared Files Get Lost in the Shuffle

There is a range of best practices for securing cloud data during the offboarding process, from monitoring file downloading and data exfiltration to preventing external email forwarding. But one task whose complexity is often underestimated is understanding and securing access to departing users’ shared files.

Even relatively short-tenured employees can build up substantial libraries of documents shared with partners, customers, and other external users. The most common procedure for handling an offboarded user’s shared files is to simply transfer ownership of those files to their manager as-is. That manager is then responsible for ensuring the security of those files–most critically any external permissions.

Even if a manager is only inheriting a handful of shared files, this can be a tricky task–and if the departing user shared large volumes of files the lift gets even heavier. Does the manager know what types of files are moving under their control, and their sensitivity? How familiar are they with company policy or compliance requirements on who should have access externally? Are there any files the departing user shared recently that might be particularly risky? These considerations are key to understanding what is and isn’t acceptable sharing–but none of them are core functions of most managers.

Adding to the risk are the cases where a manual review workflow can inadvertently leave unnoticed security gaps. For example, even the most meticulous manager with all the free time in the world likely won’t catch a departed user’s deleted externally-shared files. Deleted files often aren’t migrated upon offboarding, but their sharing permissions can linger, leaving orphaned files unseen by the organization but still visible externally. This leaves you with files within your footprint with external access but no internal stewardship–a recipe for unwanted and potentially unseen visitors into your environment.

With relatively limited visibility into Drive and so many potentially-dangerous edge cases to consider, even the most meticulous manager with all the time in the world on their hands will struggle to ensure the file transfer process is followed exactly. This is where Material can help.

Material Security Simplifies the Offboarding Process

Material’s Data Protection for Google Drive makes the offboarding process simpler and more secure by automatically revoking external sharing permissions of files through our integration with Okta Workflows, Tines, and other vendors.

Upon suspension of the user in Okta - the initiation of offboarding - Material’s automations kick into gear and begin the process of cleaning up the user’s shared files:

  • The system gathers information about that user and constructs a query to find all the externally-shared files they own–by default, Material looks for any shares with specific external email addresses, as well as “anyone with link” permissions.
  • The Revoke Google Drive File Access API is called for each externally-shared file.
  • This process loops through all the externally-shared files and revokes those permissions. Whether a few dozen or a few thousand shared files, those permissions will be revoked within minutes of the workflow being triggered.

The end result is that any external access to an offboarded user’s files is automatically revoked, without any manual intervention from the manager, security, or HR teams beyond suspending the user in Okta. The files may then be transferred to the departing user’s manager or follow whatever process your offboarding procedures require, safe in the knowledge that no one outside the organization can access them any longer.
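The selection step of the workflow above can be sketched as follows. This is an added example, not Material's code or API: it walks file metadata shaped like Google Drive API v3 `files.list` output and lists the permissions that grant access outside the organization, including those on trashed files. `INTERNAL_DOMAINS`, the sample files, and all addresses are constructed assumptions.

```python
INTERNAL_DOMAINS = {"example.com"}  # assumption: the organization's own domains

def is_external(perm):
    """True if a Drive v3 permission grants access outside the organization."""
    if perm.get("role") == "owner":
        return False                      # ownership is transferred, not revoked
    ptype = perm.get("type")
    if ptype == "anyone":                 # "anyone with the link"
        return True
    if ptype == "domain":
        return perm.get("domain", "").lower() not in INTERNAL_DOMAINS
    if ptype in ("user", "group"):
        domain = perm.get("emailAddress", "").rpartition("@")[2].lower()
        return domain not in INTERNAL_DOMAINS
    return True                           # unknown grant type: fail closed

def revocation_plan(files, owner_email):
    """(fileId, permissionId) pairs to revoke; trashed files are not skipped."""
    plan = []
    for f in files:
        owners = {o["emailAddress"].lower() for o in f.get("owners", [])}
        if owner_email.lower() not in owners:
            continue
        for perm in f.get("permissions", []):
            if is_external(perm):
                plan.append((f["id"], perm["id"]))
    return plan

# Constructed sample in the shape of Drive API v3 file resources
SAMPLE_FILES = [
    {"id": "f1", "name": "Pricing.xlsx", "trashed": False,
     "owners": [{"emailAddress": "alex@example.com"}],
     "permissions": [
         {"id": "p1", "type": "user", "role": "owner", "emailAddress": "alex@example.com"},
         {"id": "p2", "type": "user", "role": "writer", "emailAddress": "buyer@partner.test"},
         {"id": "p3", "type": "user", "role": "reader", "emailAddress": "sam@example.com"}]},
    {"id": "f2", "name": "Old roadmap", "trashed": True,   # deleted but still shared
     "owners": [{"emailAddress": "alex@example.com"}],
     "permissions": [{"id": "anyoneWithLink", "type": "anyone", "role": "reader"}]},
    {"id": "f3", "name": "Team notes", "trashed": False,
     "owners": [{"emailAddress": "sam@example.com"}],
     "permissions": [{"id": "p9", "type": "user", "role": "writer", "emailAddress": "x@other.test"}]},
]

if __name__ == "__main__":
    for file_id, perm_id in revocation_plan(SAMPLE_FILES, "alex@example.com"):
        print(f"permissions.delete(fileId={file_id!r}, permissionId={perm_id!r})")
```

Each pair in the plan corresponds to one Drive API `permissions.delete` call; logging the plan before executing it gives the receiving manager a record of what was revoked.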

Control Risky Sharing with Data Protection for Google Drive

Understanding what types of files your employees are sharing, the sensitive data they contain, and who those files are shared with is critical for security and for regulatory and policy compliance. And when an employee leaves, sensitive data in their shared files can become an overlooked risk in the offboarding process–but remediating that risk doesn’t have to be difficult.

Material Security’s Data Protection for Google Drive seamlessly finds and fixes risky sharing of your users’ files from their first day to their last.

Want to learn more? Schedule a personal demo with our team today.
