On the 28th of July, 2021, Google announced that “A security update is going to be implemented to Drive” – some users received an alert about this upcoming change in their enterprise Workspace accounts and an email from Google Drive Team. According to the announcement, the update would “make sharing files more secure” and is part of Google’s broad change that will also affect YouTube and the productivity app on the 13th of September, 2021.
A link is attached at the bottom of the email to take you to “files with that security update” in Google Drive. If you visit drive.google.com, you will also be welcomed with a message, “On 13 September 2021, an update is going to be implemented to a few of your files.” You would see a list of the affected files when you click on the “See files” link.
So, what’s this Google Drive Update, how does the security update affect you, as well as what should you do about it? Here is a clear explanation of Google’s “security update.”
- The security update impacts only Google Drive and not Google Slides, Sheets, Docs and Forms, and it affects admins and end-users.
- The update has been implemented already to affected files in Google Drive – you may not have to do a thing at all if that update is fine by you.
This update changes the way content sharing works on Drive. Basically, users can share files on Google Drive in two distinct ways – via email address to a particular Google Drive or via the “get link” option. The link can be sent to anyone (even those not known by the file owner) and anyone with that link can access the content on Google Drive. This recent update affects file sharing via link.
What The Update Changes?
Before now, a link to a file on Google Drive looks like this (not a real link though): https://drive.google.com/file/d/OUejYjuQfrOAc_9wk5aGLdi5v9Tqu_QXhlR/view?usp=sharing. This link is an instance of what IT specialists refer to as “security by obscurity.” Though with such a link, it is difficult to locate the file, it is not difficult to access the file.
With the new update, Google is making the openly shared files more difficult to find by adding a further string of random 24 characters known as a “resource key” at the ending of links to existing shared files, making them more difficult to guess or find. So the fake link above will appear like this: https://drive.google.com/file/d/OUejYjuQOAc_9wk5aGLdi5v9Tqu_QXhlR/view?usp=sharing&resourcekey=p4x5BkgU-qE5JtHIaFrT_eXJ.
Users have till 13th September 2021 to determine how the update applies to their files after which the users’ option will be enforced on the affected files. After September 13, anybody who comes across the old links to Google Drive files for the first time and tries to open the files will be denied access. Such a person would have to ask for access from the file’s owner to see this content, and the latest link that has the resource key included would be sent to him/her by the file owner, making the file a little more “private.”
However, those who have accessed the Google Drive files via the old links in the time past would still be able to access the file using the old link. More so, file links created after September 13 would include the resource key and make those files accessible to anyone with the link.
According to Google, “You’ll have to pass collaborators the latest, updated links that contain the resource keys for your contents, thus they may gain access when the security updates are implemented. Do not eliminate the resource key parameter when sending the links to other people.”
With this update, Google is simply trying to distinguish between file links generated before September 13 and those generated after the date – we feel this won’t be the final time.
Click here to get today’s best phone cases for your Apple, Google, and Samsung devices at affordable rates.