This article explains how to setup Google Drive categories to restrict what the user is allowed to do namely downloading, uploading and opening shared documents.
Note: Implementing this solution will only work on the web client, it will not work with Google Drive applications.
The following will outline the procedure of how to set up custom categories to block uploading, downloading, or accessing shared files in Google Drive.
- Create a new custom category in Guardian > Policy objects > Categories, named for the service you are blocking, for example, Google Drive Uploads.
- Add the following to block the service:
- To block downloads add the following to URL patterns:
Note: This might still download a file, but the file is the Smoothwall blockpage rather than the file the user is trying to download.
- To block shared documents add the following to Domain/URL filtering:
- To block uploads add the following to Domain/URL filtering:
Tip: If required, you can add the URL pattern and both URLs above to a single custom category to block all Google Drive services
- If one does not exist, create a new HTTPS inspection policy with the Google Drive custom category selected as the What, and Decrypt and inspect as the Action.
- Who Everyone*
- What Choose the custom category created in step 1
- Where Everywhere*
- When Always*
- Action Block
Make sure the Enable Policy option is selected.
*You should change these based on your organizational needs.