Introduction

This guide helps you identify files and folders in Shared Drives that your organization has shared externally. In Google Workspace, teams commonly use Shared Drives for collaboration, but external sharing can create security risks if you don’t monitor it properly. When you identify files and folders in Shared Drives that are accessible outside your organization, you can maintain data privacy and prevent accidental exposure. Regularly checking for externally shared items is essential to keep sensitive information secure.

In this article, we’ll walk you through simple ways to spot externally shared items using Google Drive’s built-in tools or Google Admin console. Whether you're an IT admin, teacher or business owner, this guide will help you keep your Shared Drives secure and compliant.

Why It's Important to Monitor External Sharing in Shared Drives

Shared Drives are built for teamwork. Anything stored in a Shared Drive belongs to the whole team, not just one person. This makes them ideal for projects, departments or groups where multiple people need access and ownership remains with the organization.

Let’s say your marketing team uploads a confidential product roadmap to a Shared Drive. One team member, unaware of the consequences, shares it with an external vendor using their personal Gmail. That file is now outside your organization’s secure environment putting proprietary information at risk.

The hidden risks of External Sharing are as follows -

  1. Data leaks usually aren’t intentional, they just happen. For example, someone might share a file with an external partner to get quick feedback, not realizing it includes sensitive information. The impact of it could be serious.
  2. In schools, hospitals and businesses, there are strict privacy rules that must be followed. Accidentally sharing the wrong file externally could lead to compliance issues, audits or even legal trouble.
  3. When you share something outside—especially with the setting “Anyone with the link”—you give up control over its confidentiality. Others can download the file, forward it, or even share it with unintended recipients without your consent.

Ways to Identify Shared Drive Files/Folders Shared Externally

For Google Workspace Admins

The Admin console offers built-in visibility tools to help you track external sharing, but navigating them can be challenging—especially when you're managing hundreds of Shared Drives across multiple departments.

Let’s say you're an IT admin at a school district. A teacher uploads a worksheet to a Shared Drive for students, but accidentally sets it to Anyone with the link. A student shares that link on a public forum. Now, what was meant to be internal classroom material is accessible to anyone on the internet. To find out what happened, you will have to check through the Drive audit logs in the Admin console, which can feel like searching for a needle in a haystack, especially if you're not doing it every day.

Admins can use several powerful tools to track and manage files and folders in Shared Drives that are shared externally.

Use the Admin Console

The Admin console is the central dashboard where Google Workspace administrators manage their organization’s Google services.

Steps to follow:

  1. Log into your Admin console using a Super Admin account.
  2. Go to Reporting > Audit and investigation > Drive log events.
    Go to Reporting ,Audit and investigation , Drive log events.

  3. Use filters to narrow down your search. In the Visibility field, filter for items labeled Shared externally or Public on the web.
    the Visibility field, filter for items labeled Shared externally or Public on the web.
  4. Review the results and export them for reporting.

It works, but it can be time-consuming, especially if you're not sure what you're looking for.

Use GAM (Google Apps Manager)

Note: GAM requires some setup, basic scripting knowledge and admin privileges.

If you’re looking for a faster, more flexible way to check for external sharing in Shared Drives, GAM can be a huge help. GAM is a command-line tool that lets Google Workspace admins manage their environment through scripts and commands instead of clicking around the Admin console.

Real-world example:  Imagine you're a compliance officer at a healthcare group. You need to make sure no patient records are accidentally shared outside your domain. GAM lets you run a scheduled script every morning to check for any new files shared externally and send yourself a report, saving hours of manual checking and helping you catch risks early.

    Let’s say you want to find all files in Shared Drives that are shared with users outside your organization. Instead of digging manually through logs, you can follow the below steps.

    1. Install GAM
      You need to install the latest version of Google Apps Manager (GAM) on your machine. Download and extract the ZIP file to a folder from GAM's GitHub page.
    2. Set up GAM
      After extracting the GAM files, you need to configure it by authorizing it with your Google Workspace account.
      • Open a Command Prompt or PowerShell window in the folder where you extracted GAM. For example: cd C: \GAM.
      • Run the gam oauth create command to authorize GAM.
    3. Run the command
      Now that GAM is set up, you can run the following command.
    gam user [email protected] drive filelist query "visibility='anyoneWithLink' or visibility='outsideDomain'"

    The script returns a list of files in the Drive of [email protected] that are shared either with anyone who has the link or with users outside the domain.

    For General Google Workspace Users

    Even though only Google Workspace admins can see all shared files, regular users can still check what they've shared. If you’re a Manager or Content Manager of a Shared Drive, you can review who has access to files, check for any links shared outside the organization and adjust permissions when something doesn’t look right. It’s a simple but powerful way to protect your team’s information.

    What can you do as a Manager or Content Manager?

    Real-time example:
    A teacher, Ms. Carter, uploads a quiz answer key to a Shared Drive meant only for faculty. She later discovers that it was shared with Anyone with the link. A student somehow got access. Luckily, she noticed it in the file’s Share settings and removed the link access just in time. Small actions like this can prevent big problems.

    The following is a helpful checklist:

    1. Review Shared members
      Open the Shared Drive and right-click on any folder. Click View members to see who has access. If you see names from outside your organization that’s a red flag.
    2. Check the Sharing Settings of the Shared Drive
      Open the Shared Drive and right-click on any folder. Click Shared drive settings  to check access and role permissions settings.
      the Sharing Settings of the Shared Drive

      the Sharing Settings of the Shared Drive
    3. Use Activity Dashboard
      In any Google Docs, Sheets or Slides file, go to Tools > Activity Dashboard. This lets you see who’s viewed the file. If you notice external viewers which means the file has been shared externally.
      Use Activity Dashboard

    How to Check for External Sharing Activity

    1. Open Google Drive and switch to Shared Drives tab.
    2. Open a Shared Drive and look at the files and folders. If something is shared externally, you might see a Shared icon next to it.
    3. Right-click on a file or folder and click View details.
    4. In the panel on the right, go to the Activity tab to see if it was shared with someone outside your organization.

    Encourage Safe Sharing Habits Among Team Members

    • Use the Viewer or Commenter roles when sharing externally, avoid giving Editor rights unless it’s essential.
    • Turn off link sharing when it's no longer needed.
    • If your organization uses labels, mark files containing sensitive information for extra visibility.

    Bonus Tips to Identify External Sharing in Shared Drives

    1. Look for the Shared with external users label in the activity panel of a file or folder.
    2. Use the View details option to check recent sharing activity and permissions.
    3. Watch for the link icon next to files, which may indicate link sharing is enabled.
    4. Hover over shared users' names to see if their email addresses belong to outside domains.
    5. Regularly audit files using Drive audit logs in the Admin console if you're an admin.
    6. Use the GAM command line tool to scan for externally shared files across your domain.
    7. Set up alerts in the Admin console for when files are shared outside the organization.

    Conclusion

    In conclusion, protecting sensitive data means you must consistently identify files and folders in Shared Drives that are shared outside your organization. While Google Workspace provides powerful tools like the Admin console and audit logs to help you dig deep, even non-admin users can play a part by reviewing file activity and sharing settings. When you proactively identify files and folders in Shared Drives with external access, you strengthen your organization's data security and ensure only the right people have permission.

    xFanatical Articles -

    For more article please visit our website: xFanatical Articles