Information Technology Division

Secure File Transfer – Google Drive

Steps for Secure File Transfer via Google Drive

Recommendations for File Sharing

In accordance with the University’s Google Drive Usage Policy:

  • Follow principles of least privilege and need to know.
    • When sharing files or folders only include recipients that are authorized and need to view the data.
    • Do not grant a higher level of permission than recipients require (view, commenter, editor). Consider the needs of each recipient.
    • Sharing files gives you granular control over who can access each file, sharing folders will grant the user access to any sub folders and files inside of that folder.
  • Select sharing options carefully
    • Individual Users: Sharing with individual users is the most restrictive since control is granted on a per user basis each with assigned permissions.
    • Restricted Time-Limited Access: When sharing with individual users, set a time-limit that will automatically disable the file share after a specific number of days.
    • Link Sharing: Sharing by link increases the risk of a file being accessed by an unintended user, and is not recommended when using Google for individual file transfers of confidential information.
  • Periodically review sharing settings and permissions to make sure currently shared files should still be shared.
  • Periodically review files stored in your own Google Drive and delete those files you no longer need.

Sharing Files and Folders

Google has the most current and up to date information on how to share files and the options available. Google sharing is recommended for collaborative document work, and sharing individual files with specific individuals:

Using Google Forms File Uploads to Receive Files

**This feature is only available for “My Drive”. This will not work with shared Google drives**

Google offers upload folders in Google Forms. This is recommended for departments who have a process that requires frequently accepting documents from multiple individuals:

  1. In Google Drive create a Google Form.
  2. Name the Google Form appropriately.
  3. Select File Upload as one of the questions for the Google Form.
    1. When File upload is used Google will create a folder structure in the account’s Google Drive where form file uploads will be kept.
      1. e.g. Form Name (file responses)
  4. Adjust the settings for the File Upload as needed.
  5. Navigate to the Folder and edit the share settings to share the folder contents with any users that will need access to all files uploaded to the form. Follow best practices for ensuring only necessary individuals can access the folder.

If you use a Generic Account for this type of document collection:

  1. Login to the Generic Account Center to request a generic account. If you already have an existing generic account start with step 2.
  2. Once your generic account is approved setup a password for it.
  3. Submit a ServiceNow ticket to the InfoSec team requesting Google Drive access for the Generic Account. Justification will have to be provided with each request.
  4. If the ticket is approved you may now use the generic account for document uploads.
  • Please handle all file uploads with care.
  • Do not share files or folders with unintended recipients. Only users that require access to the file uploads should be shared to the Google Drive folder.
  • For the file upload purpose the Generic Account should only be used to manage the Google Form and folders for the file uploads.
  • Data owners should always access the files in Google Drive folders with their own NetId accounts that the folders are shared to and not with the Generic Account.

Additional Information

  • When a user uploads their file to the Google Form it will create a copy of that file in their Google Drive as well as upload the file to the Google Folder that is associated with the Google Form.