Veza integrates with Google Drive to secure access to enterprise files

Veza announced an integration with Google Drive, the popular file storage and synchronization service.

With this integration, Veza customers can now secure access to files like docs and spreadsheets that are stored in Google Drive.

Identity is the primary avenue for ransomware, breaches, and insider threats. According to Gartner, “Over 80% of organizations have suffered an identity related breach in the last 12 months.” Gartner, “Top Trends in Cybersecurity 2023,” by Richard Addiscott, Alex Michaels, et al, March 2023. Recognizing that incidents are inevitable, CIOs and CISOs must limit their identity attack surface, enforce access policies, and follow the principle of least privilege.

Google Drive, which includes Google Docs, Google Sheets, and Google Slides, is a key component of Google Workspace, the subscription offering for businesses. Google Workspace has 9 million paying customers and over 3 billion users according to Business Insider. Google Drive files often include sensitive corporate information. Because access can be granted through Google Workspace groups or through a 3rd party identity platform, it is difficult for security teams to answer “who can take what action on what data.” A misconfigured drive can leave files accessible to anyone on the internet.

Using Veza’s Access Control Platform, a Google Workspace customer can quickly find over-privileged users in Google Drive and monitor for excessive access to sensitive drives and folders. It’s also easy to discover folders shared with contractors, guests, or other external parties who shouldn’t have access. This reduces the risk of damage from any compromised or misused identity, and it also improves compliance by automating and speeding the processes of preparing user access reviews and recertifications.

“With Veza, we are taking on cybersecurity’s biggest challenge: who can take what action on what data. Traditional identity tools of IAM, IGA and PAM have blind spots when it comes to identity access,” said Tarun Thakur, CEO of Veza. “What really matters is securing access to data, especially as sensitive data is stored in an ever-widening array of systems, including Google Drive. By deeply understanding the system-specific permissions as the true picture of access, Veza modernizes identity across cloud infrastructure, SaaS apps, data lakes, on-premise apps, and custom apps. With Veza, our customers de-risk the breach.”

With this announcement, the Veza integration ecosystem passes a milestone of 200 integrations, providing customers with the most comprehensive coverage for identity security. Veza integrations secure access to systems including AWS, Azure, Box, Google Cloud Platform, Okta, Salesforce, Slack, Snowflake, and Workday. The newest integrations include MongoDB, ElasticSearch, Kubernetes, Confluent, Concur, Jenkins, Kafka, and many more.

The growing catalog makes it fast and easy for Veza customers to operationalize key use cases of privileged access monitoring, cloud access management, data system access, SaaS access security, and next-generation IGA (identity governance and administration).

“As an insurance company, our customers rely on us to maintain a strong compliance posture to keep their data secure,” said Brad Lontz, SVP IT and CIO at CopperPoint Insurance Companies. “Veza has given our team unprecedented visibility to manage all identities and their access, enforce policies, and mitigate risks. We appreciate Veza’s flexibility in adding new integrations for both common and industry unique applications.”

With this integration, Veza customers can now:

• Discover all entities (including external guests) with access to all drives and folders
• Monitor and alert for misconfigurations, like drives accessible to the public or guest users, as soon as they occur
• Create access reviews for Google Drive automatically and assign review tasks to the drive owner