Return to the report summary

Google Drive and Docs Baseline Report

Customer DomainReport DateBaseline VersionTool Version
example.org02/10/2025 09:39:56 Pacific Daylight Timev0.4v0.4.0

DRIVEDOCS-1 Sharing Outside the Organization

Control ID Requirement Result Criticality Details
GWS.DRIVEDOCS.1.1v0.4 Agencies SHOULD disable sharing outside of the organization's domain. Warning Should The following OUs are non-compliant:
  • Org Name: Files owned by users or shared drives can be shared outside of the organization
GWS.DRIVEDOCS.1.2v0.4 Agencies SHOULD disable users' receiving files from outside of the organization's domain. Pass Should Requirement met in all OUs and groups.
GWS.DRIVEDOCS.1.3v0.4 Warnings SHALL be enabled when a user is attempting to share something outside the domain. Pass Shall Requirement met in all OUs and groups.
GWS.DRIVEDOCS.1.4v0.4 If sharing outside of the organization, then agencies SHALL disable sharing of files with individuals who are not using a Google account. Pass Shall Requirement met in all OUs and groups.
GWS.DRIVEDOCS.1.5v0.4 Agencies SHALL disable making files and published web content visible to anyone with the link. Fail Shall The following OUs are non-compliant:
  • Org Name: Published web content can be made visible to anyone with a link
GWS.DRIVEDOCS.1.6v0.4 Agencies SHALL set access checking to recipients only. Pass Shall Requirement met in all OUs and groups.
GWS.DRIVEDOCS.1.7v0.4 Agencies SHALL NOT allow any users to distribute content from an organization-owned shared drive to shared drives owned by another organization. Fail Shall The following OUs are non-compliant:
  • Org Name: Anyone can distribute content outside of the organization
GWS.DRIVEDOCS.1.8v0.4 Agencies SHALL set newly created items to have Private to the Owner as the default level of access. Pass Shall Requirement met in all OUs and groups.

DRIVEDOCS-2 Shared Drive Creation

Control ID Requirement Result Criticality Details
GWS.DRIVEDOCS.2.1v0.4 Agencies SHOULD NOT allow members with manager access to override shared drive creation settings. Pass Should Requirement met in all OUs and groups.
GWS.DRIVEDOCS.2.2v0.4 Agencies SHOULD NOT allow users outside of their organization to access files in shared drives. Pass Should Requirement met in all OUs and groups.
GWS.DRIVEDOCS.2.3v0.4 Agencies SHALL allow users who are not shared drive members to be added to files. Fail Shall The following OUs are non-compliant:
  • Org Name: Users who aren't shared drive members are not allowed to be added to files.
GWS.DRIVEDOCS.2.4v0.4 Agencies SHALL NOT allow viewers and commenters to download, print, and copy files. Pass Shall Requirement met in all OUs and groups.

DRIVEDOCS-3 Security Updates for Files

Control ID Requirement Result Criticality Details
GWS.DRIVEDOCS.3.1v0.4 Agencies SHALL enable the security update for Drive files. Pass Shall Requirement met in all OUs and groups.

DRIVEDOCS-4 Drive SDK

Control ID Requirement Result Criticality Details
GWS.DRIVEDOCS.4.1v0.4 Agencies SHOULD disable Drive SDK access. Pass Should Requirement met in all OUs and groups.

DRIVEDOCS-5 User Installation of Drive and Docs Add-Ons

Control ID Requirement Result Criticality Details
GWS.DRIVEDOCS.5.1v0.4 Agencies SHALL disable Add-Ons. Pass Shall Requirement met in all OUs and groups.

DRIVEDOCS-6 Drive for Desktop

Control ID Requirement Result Criticality Details
GWS.DRIVEDOCS.6.1v0.4 Google Drive for Desktop SHOULD be enabled only for authorized devices. Warning Should The following OUs are non-compliant:
  • Org Name (group "Justin Cooper"): Drive for Desktop is enabled and can be used on any device.
  • Org Name (group "Aaron Smith"): Drive for Desktop is enabled and can be used on any device.
  • Org Name (group "Security Group"): Drive for Desktop is enabled and can be used on any device.