fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

A Google Drive Security Update Will Break Some of Your Shared Links

A Google Drive Security Update Will Break Some of Your Shared Links

An upcoming security update for Google Drive will increase the security of your shared documents but likely break many of your shared links.

Yesterday, Google began emailing Google Workspace admins about a new security update for Google Drive rolling out on September 13th, 2021, to make file sharing more secure.

“We’re releasing a security update which will apply to some Drive files. This will make Google Drive files more secure by updating their links and may lead to some new file access requests,” explained Google in a new blog post.

“While we recommend that you apply the update, Google Workspace admins can choose how this update is applied in your organization.”

When the security update is applied, it will add a resource key to Google Drive sharing URLs, as shown below. 

An example shared URL with resource key: https://drive.google.com/file/d/0B1v_CzospBBbSBRIBk1hZBdpcDB/vieA?usp=sharing&resourcekey=0-nianCdaCdmShrKSOAmcIlA.

If a user has not previously viewed the file or been given direct access, they will need to use this resource key to access the file.

This update will cause any Google Drive links that you previously shared on websites, social media, or elsewhere to no longer work as they will not contain the required resource key.

If you wish to continue publicly sharing your Google Drive documents, you will need to update your posts with the new links that contain the resource key.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

Feature rolling out over the next few months

Google is rolling out the Google Drive security update over the next few months in three phases to give Google Workspace admins enough time to prepare.

During Phase 1, which runs from now until July 23rd, 2021, admins can use the Google Alert Center to view an alert about this update with a list of files or folders that may be affected by the update.

They can then go to Apps > Google Workspace > Drive and Docs, click Sharing settings, and then Security update for files, as shown below, to configure how they want to apply the update.

Google Drive security update settings
Google Drive security update settings

After clicking on Secure update for files, you will be prompted to select one of the following settings:

  • Apply the security update with no option for users to remove it—The default for EDU, this option applies the update to all impacted files in your organization.
  • Apply the security update, but users can remove it for specific files—The default for non-EDU, this option applies the update to all impacted files in your organization.
  • Remove security update (not recommended)—Links to your files remain the same. There’s no option to remove the security update from folders.

In Phase 2, which is from July 26 to August 25, 2021, Google Drive notifies affected users of the update and any affected items that they own or manage.  If an admin permitted them, they can now decide to remove the update from those shared files.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Finally, in Phase 3, which begins September 13, 2021, the update will have finished rolling out based on the settings the admins and their users have configured.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us