Google Drive Audits: Are Your Employees Sharing Files Externally? How To Reduce The Risks Of Data Leaks

Google Drive , IT Use Cases

A step-by-step guide on how to build an end-to-end automated process of external files sharing audits, including user notifications and tasks assignments. A detailed video tutorial below.

Table of Contents

Why Perform Audits?

Google Drive is an incredible tool for document creation and sharing. Its simplicity, however, can lead to potential data sprawl, making it difficult for cybersecurity professionals to monitor and secure sensitive information. As The Rolling Stones famously sang, ‘You can’t always get what you want,’ and, quite frankly, nothing could be truer when it comes to data security on Google Drive.

What are Your Options?


I know companies that completely prohibit any out-of-domain link sharing. I believe these restrictions contribute to ‘How to overcome link sharing limitations on Google Drive‘ being one of the most frequently searched queries. There are numerous discussions on Reddit and Quora that provide instructions on circumventing rules set by Google Workspace administrators. Ultimately, this often turns into a battle of ‘us against them,’ and with all hinesty, Google admins rarely emerge as clear winners.

Is There a Way to Efficiently Audit Files On Google Drive Shared Externally?

Yes, there is. Let me refer you to a recent success story. We helped Emerson College build custom automation that performed consistent periodic audits on Google Drive, including reporting and—most importantly—alerting relevant users to take action. This approach immediately improved their data security, reducing the number of files shared externally and nearly doubling their data security level. [Read more about it here].

If these results sound appealing, follow along to see how you can build this end-to-end automated process to efficiently change user behavior around external file sharing.

Let’s Get Started

How To Automate The Audits & Communication

Create a Trigger

In Zenphi, a trigger is an event that kicks off the entire flow. This could be receiving a specific email for automated accounts payable, a filled Google Form for new employees onboarding, or, in this case, a scheduled flow. We need this flow to start running tomorrow and then perform audits every 20 days.

List Group Members

Choose the action “List Group Members” and connect to your Google Directory. This step is crucial to handle all users in your Google group.

Create a Loop

You’re likely familiar with loops. The logic here is straightforward: you need this step to perform a list of actions on every member of the group—hence, the ForEach action.

Audit Google Drive Permissions? Not Exactly, List User’s Shared Files

Navigate to the Google Admin actions section and select the required action. As you can see, there are many options available — including, List Permissions.

However, this is not what we’re looking for. We List User’s Shared Files at this step, specifying the type of sharing you’re interested in (via email, shared with an external email, using a link, intra-domain sharing—you can use one, two, or all options). You can search across Shared Drives and also User’s My Drives.

Add an If Condition

At this stage, you need to plan your action based on the audit, not just review the logs. The If Condition allows the flow to branch into multiple streams. If a user has shared a file—take specific actions. If not—this ends the flow for that user.

But if they have shared, you’d want to take some steps. What we did for Emerson College and what we recommend you do as well is to: a) Generate a report, b) Assign a task to review the report. The task should outline actions a user should take around the files: remove sharing, delete the file, do nothing. This is the most important part. Instead of manually writing myriads of emails asking users to please not share files, you simply send them a task—do this, that, or the other. This standard project management approach works like a charm every time.

Generate a Report

For the report, I recommend using a template. You can create a custom template (like this one below) with any number of fields. If you need one, just drop us an email at support@zenphi.com, and we’ll share it with you.

Next, you specify the location of the template and build a flow that would populate this template for every single user in your Google group (only those who have any file-sharing activities).

And this is how you populate your template by using the action Add multiple rows.  

Assign A Task

Now, let’s assign a task to a user who’s been sharing files within the timeframe you’re auditing (let’s say, 20 days). You can assign a task within the same flow, or following my steps, create a child flow that would handle the task and run as long as it takes until the user takes action. For this, in the parent flow, you have to add an HTML Request action that would make a call to the child flow, sending the necessary data.

Within the child flow, task assignment looks pretty straightforward. First step—API and receiving data. Then, naming the flow, then task assignment.

After They Make a Choice

The task assignment action will send a user a link to the generated report on their external file-sharing activities (the template we populated, remember?). There they’d have to decide what to do with this sharing: delete the link, leave as is, or remove sharing. The next step is to automatically act on their choices. Add another If Condition after the Read Rows action. If the user decides to delete—do this, if they decide to remove—do that.

This step is pretty straightforward. If they decide to delete—delete the item automatically. If they decide to remove the sharing permission—use the action Delete Sharing Permission.

The #1 No-Code Automation Solution For Google Workspace Admins

Have more Google Admin tasks to automate? Sign up for a free trial to replicate this flow and experience the power of Zenphi automations first-hand!

Test the Flow

So, let’s run the flow? As soon as you press test, within 1 minute the report on the Google Drive audit will be ready, and a user who shared files will receive an email like this. A user will have the task open until they take action and review all the files specified in the report.

Performing Google Drive audits can be straightforward, especially when acting on these audit results is automated.

Let me know if you have any questions, and please watch the entire video tutorial if you’d like to replicate this flow in your Google Workspace environment.

Looking forward to hearing from you!

Video Tutorial: Automate External File Sharing Audits

More Posts On Google Data Loss Prevention Strategy
About The Author
Picture of Vahid Taslimi, CEO @Zenphi
Vahid Taslimi, CEO @Zenphi

Formerly the VP of Product at Nintex, and Solutions Architect at Emirates Airlines, Vahid now leads dynamic Zenphi team, a company dedicated to crafting a platform empowering Google Workspace users to automate Google admin tasks and other processes end-to-end while enhancing data security and compliance.



Number of flows

3
1
The number of automated processes (flows) set up within your organization. Each flow usually corresponds to a specific process such as Employee Onboarding, Invoice Processing, Incident Reporting, or Externally Shared Files Auditing.

Number of flow runs/month

100
100
1000
The frequency at which each process (flow) is executed monthly. For example, if your organization processes 1000 invoices each month, the Invoice Processing flow runs 1000 times. Similarly, if you conduct an Externally Shared Files Audit daily, this flow runs 30 times in a month.

Your average employee salary (hourly rate, $USD)

$/h 25
The average hourly rate of the employees who would otherwise perform these tasks manually.

Your Savings

Total savings per month ($USD)

(15*[flow]*[runs]/60*[rate])-599

Payback period (days)

599/[savings]*22
* The ROI is calculated based on Zenphi’s Pro plan at $599 per month. It is estimated that each automated operation saves at least 15 minutes for an employee who would otherwise perform the task manually. This baseline of time savings helps project cost reductions; if automation saves more than 15 minutes per operation, your savings will be even greater.