TL;DR
Start by auditing users’ sharing settings
If you want to get a handle on Google Drive file sharing exposure, the first step is seeing who’s sharing what, with whom. This means breaking down Drive file permissions by user especially the ones who’ve gone wild with external shares.
Google Workspace offers some great built-in capabilities, but let’s be honest – getting a clear, per-user breakdown of overexposed files isn’t exactly plug and play. If you need this visibility now (and ideally in a format you can act on), Sola lets you build or grab a prebuilt app in minutes, that would give you that user-level view across your Workspace.
Google Workspace offers some great built-in capabilities, but let’s be honest – getting a clear, per-user breakdown of overexposed files isn’t exactly plug and play. If you need this visibility now (and ideally in a format you can act on), Sola lets you build or grab a prebuilt app in minutes, that would give you that user-level view across your Workspace.
Sola apps that could help you
Visit the App GalleryThe root problem: Google Drive sharing is… too easy
Google made Drive file sharing frictionless, which is great for productivity, but a bit of a nightmare for Google Drive security. Most overexposure happens through public links or “anyone with the link” sharing, often done unknowingly. The result: sensitive files floating around without control, often undetected until it’s too late.
Unfortunately, Google’s native audit tools only take you so far. The Alert Center, DLP rules, and Drive audit logs can help, but they require setup, filtering, and still won’t give you that clean “Show me all files this user shared externally” view.
Use Google Drive audit logs, but don’t stop there
You can identify overexposed files by user in Google Workspace, but it takes effort. Use the Drive audit logs in the Admin Console to filter for external shares, and pivot by actor. This gives you visibility into who’s sharing externally and what files are involved.
To go further, export logs to BigQuery or connect them to a SIEM. Still, this approach is bulky, not real-time, and demands scripting or third-party tooling.
Use Sola to answer that question instantly
Sola offers a faster way to find out overexposed files by user. In your Sola Workspace, grab the Google Workspace – Publicly Shared Files Insights app, or build your own with the AI co-pilot. Connect your Google data source, and in minutes, get a clean breakdown of users, their externally shared files, and alert conditions you actually care about. Quite simply, Google Workspace security on your own terms.