
Google Drive and Docs Baseline Report
Customer Domain | Report Date | Baseline Version | Tool Version |
---|---|---|---|
example.org | 02/10/2025 09:39:56 Pacific Daylight Time | v0.4 | v0.4.0 |
DRIVEDOCS-1 Sharing Outside the Organization
Control ID | Requirement | Result | Criticality | Details |
---|---|---|---|---|
GWS.DRIVEDOCS.1.1v0.4 | Agencies SHOULD disable sharing outside of the organization's domain. | Warning | Should | The following OUs are non-compliant:
|
GWS.DRIVEDOCS.1.2v0.4 | Agencies SHOULD disable users' receiving files from outside of the organization's domain. | Pass | Should | Requirement met in all OUs and groups. |
GWS.DRIVEDOCS.1.3v0.4 | Warnings SHALL be enabled when a user is attempting to share something outside the domain. | Pass | Shall | Requirement met in all OUs and groups. |
GWS.DRIVEDOCS.1.4v0.4 | If sharing outside of the organization, then agencies SHALL disable sharing of files with individuals who are not using a Google account. | Pass | Shall | Requirement met in all OUs and groups. |
GWS.DRIVEDOCS.1.5v0.4 | Agencies SHALL disable making files and published web content visible to anyone with the link. | Fail | Shall | The following OUs are non-compliant:
|
GWS.DRIVEDOCS.1.6v0.4 | Agencies SHALL set access checking to recipients only. | Pass | Shall | Requirement met in all OUs and groups. |
GWS.DRIVEDOCS.1.7v0.4 | Agencies SHALL NOT allow any users to distribute content from an organization-owned shared drive to shared drives owned by another organization. | Fail | Shall | The following OUs are non-compliant:
|
GWS.DRIVEDOCS.1.8v0.4 | Agencies SHALL set newly created items to have Private to the Owner as the default level of access. | Pass | Shall | Requirement met in all OUs and groups. |
DRIVEDOCS-2 Shared Drive Creation
Control ID | Requirement | Result | Criticality | Details |
---|---|---|---|---|
GWS.DRIVEDOCS.2.1v0.4 | Agencies SHOULD NOT allow members with manager access to override shared drive creation settings. | Pass | Should | Requirement met in all OUs and groups. |
GWS.DRIVEDOCS.2.2v0.4 | Agencies SHOULD NOT allow users outside of their organization to access files in shared drives. | Pass | Should | Requirement met in all OUs and groups. |
GWS.DRIVEDOCS.2.3v0.4 | Agencies SHALL allow users who are not shared drive members to be added to files. | Fail | Shall | The following OUs are non-compliant:
|
GWS.DRIVEDOCS.2.4v0.4 | Agencies SHALL NOT allow viewers and commenters to download, print, and copy files. | Pass | Shall | Requirement met in all OUs and groups. |
DRIVEDOCS-3 Security Updates for Files
Control ID | Requirement | Result | Criticality | Details |
---|---|---|---|---|
GWS.DRIVEDOCS.3.1v0.4 | Agencies SHALL enable the security update for Drive files. | Pass | Shall | Requirement met in all OUs and groups. |
DRIVEDOCS-4 Drive SDK
Control ID | Requirement | Result | Criticality | Details |
---|---|---|---|---|
GWS.DRIVEDOCS.4.1v0.4 | Agencies SHOULD disable Drive SDK access. | Pass | Should | Requirement met in all OUs and groups. |
DRIVEDOCS-5 User Installation of Drive and Docs Add-Ons
Control ID | Requirement | Result | Criticality | Details |
---|---|---|---|---|
GWS.DRIVEDOCS.5.1v0.4 | Agencies SHALL disable Add-Ons. | Pass | Shall | Requirement met in all OUs and groups. |
DRIVEDOCS-6 Drive for Desktop
Control ID | Requirement | Result | Criticality | Details |
---|---|---|---|---|
GWS.DRIVEDOCS.6.1v0.4 | Google Drive for Desktop SHOULD be enabled only for authorized devices. | Warning | Should | The following OUs are non-compliant:
|