Google Drive Gains Security Upgrades, Certifications

New data retention and legal hold capabilities along with ISO certification bolster Google Drive's cloud storage technology’s security capabilities.

Google Drive Upgrade 2

With the number of paying organizations using Google Drive crossing the one million mark earlier this year, Google appears to be ramping up its efforts to bolster the cloud storage service's security features.

The cloud services giant introduced new features on Sept. 21 that are intended to give organizations more visibility and control over business files stored and shared by workers in Google Drive. The new features add retention and legal hold capabilities to the existing collection of e-discovery capabilities available with Google Drive.

The new functions are similar to those available from Google for email and chat, and they’re designed to help businesses fulfill their legal obligations pertaining to data archiving and removal.

The data retention function allows organizations to set automatic expiration commands for stored content after a specified period of time, said Scott Johnston, director of product management at Google Drive in an interview with eWEEK. The legal hold feature ensures that specific content is stored and available for legal purposes even if employees delete the data from Drive, Johnston said.

The features are currently in limited rollout and will become fully available in the next few months, Johnston added in a blog post Monday.

Google’s new retention and legal hold functions add to a growing list of capabilities that have been added to Google Drive recently to make it more business-friendly.

Earlier in September, for instance, the company added new mobile device management (MDM) capabilities that give administrators a way to control and manage access to Drive from mobile devices. The enhanced MDM support allows administrators to monitor usage and enforce policies such as strong authentication, device encryption and remote wipe on all smartphones used by workers to access business data in Google Drive.

In addition to the feature upgrades, Google on Monday announced that Google Drive has achieved the ISO 270018 certification standard for cloud privacy. The certification basically validates that Google does not use customer data for advertising purposes and that data entrusted to the company will be protected from government and other third parties, Johnston said.

The certificate also validates that Google provides customers with tools to delete or export their data from Google Drive and that the company is always transparent about where a customer’s data is stored, he added.

In addition to the ISO certification, Google Drive has been previously certified as compliant with the SOC 2 and SOC 3 security standards for cloud computing.

According to Johnston, interest in Google Drive continues to grow in businesses. Customers for the cloud storage service range from small operations to large, well-known brands, he said. At many organizations, cloud storage services such as Drive have evolved from being a shadow IT issue to one that is being actively managed by IT.

As that has happened, consumers have shown increasing interest in learning more about security and privacy issues related to cloud storage and sharing, he said. “It is amazing how much we are hearing about security and compliance,” from those interested in Google Drive, he said.

Jaikumar Vijayan

Jaikumar Vijayan

Vijayan is an award-winning independent journalist and tech content creation specialist covering data security and privacy, business intelligence, big data and data analytics.