Google Workspace administrators, regardless of industry, size, or workflow, all share a common goal: protecting their organization's data. Whether it's to comply with regulations like HIPAA, CJIS, and PII, or safeguard sensitive information from unauthorized access, security remains a critical concern.
A major part of that includes making it as easy as possible to safely collaborate, internally or externally, using everyday tools. It’s why these admins choose Google in the first place - it’s a trustworthy platform that gives you both security and collaboration.
But what about the organizations that need an extra layer of security to meet particularly stringent regulations, like ITAR, CMMC, ISO 27001, etc.? Those admins use a combination of Google CSE and a third-party key management provider.
Understanding Google Workspace CSE
Administrators leverage best-in-class security with Google Client Side Encryption (CSE) and a third-party key management partner, like Virtru, to protect data from unauthorized third parties by encrypting data and hosting those encryption keys in the location of their choice.
But the reality is that even with this high level of security, a glaring gap exists when it comes to achieving access control on the file level. This is because when a user has access to a Drive folder, they have access to all the files within that folder - even CSE-protected files.
This deficiency is simply a new iteration of the castle-and-moat ideology. The fortress walls (A.K.A Google Drive folder permissions) guard against outsiders, but do not discriminate between those already inside - whether they should have access to weapons storehouses and treasuries within or not. Consequently, organizations are left grappling with the challenge of maintaining a delicate balance between enabling collaboration and safeguarding sensitive data.
Bridging the Gap with Virtru Private Keystore
Virtru Private Keystore fills this gap by offering robust granular access control capabilities in addition to key management. Seamlessly integrated with Google Workspace, Virtru Private Keystore empowers administrators to enforce precise access controls to individual files, ensuring that only authorized users can decrypt and access sensitive files.
Unlike traditional key management providers, Virtru Private Keystore leverages your custom labels and Google Groups to enable precise control over file access permissions. Even when files are moved to other Drives or folders, access controls remain intact, mitigating the risk of unauthorized access and data breaches.
How It Works
The process is simple yet powerful:
- Encryption via CSE: Files stored in Google Drive are encrypted using Google Workspace CSE.
- Application of Labels: Custom labels are applied to the file, leveraging the organization's unique labeling system tied to Google Groups.
- Automatic Access Enforcement: Virtru Private Keystore automatically enforces access based on the applied labels, ensuring that only authorized users can decrypt and access the files - a unique benefit currently provided only by Virtru
Empowering Organizations with Enhanced Security
Virtru Private Keystore compliments the existing Google Workspace CSE capability you already enjoy, providing the granular access controls necessary to protect your most sensitive assets effectively.
With Virtru, administrators can rest assured that their organization's data remains secure, even in the face of evolving threats and compliance requirements.
Ready to apply label-based access controls to your Workspace files? Get started with Virtru today.
