Safety and security guidelines in utilization of google docs and google classroom

From University of Nairobi WIKI
Jump to navigation Jump to search
Google Docs Tips

Google Docs are great tools for collaborating with coworkers and colleagues, but can create some undesirable situations if sensitive information is inadvertently shared in an inappropriate manner.

How it Works

*In order to access any files on a user’s account, one must be a Google user and therefore have their own account.    
*Any files are only accessible if uploaded and created by the user or shared with another user.  There is an option to choose anonymous sharing, whereby anyone with a link can find the file, otherwise shared files are **ONLY** accessible once the user has given strict permission for Google to share the files with another user; said user has to be specified by account/email address.
*In terms of security, the accounts of users involved in the process, the original creating user and the user with whom files are shared, all require passwords to be accessed.
*Search engines cannot find or access the files unless the files are published separately. When sharing files it may be useful to instruct Google on the security settings for folders, sub-folders or files being shared.

Sharing settings for Google Docs

Different sharing options are available:

    • Private** - A document shared privately is only accessible by the documents owner or creator and others cannot search for the item.
    • With the domain (UONBI)** - A document shared within the domain can be found by anyone in the domain through search.
    • Within the domain with a link** - A document shared within the domain with a link only allows users with the document’s link to access the document.
    • Anyone with the link** - Sharing a document to anyone with the link will allow anyone who has been given the document’s link the ability to access and view the document.
    • Public on the web** - A document shared publicly on the web means anyone can find (through search), access and read the item. This of course is the least secure sharing setting.


Access levels in Google Drive when Sharing: View, Comment, and Edit

Access levels

Google Drive has several different access levels when you share files, folders, and Google Docs. If you create, sync, or upload a file, you're the **owner** of that item (unless you've transferred ownership).\\ There are three levels of access for collaborators: **Can view, Can comment** (Google documents and presentations only), and **Can edit.**

Owners

 *Edit Google documents, spreadsheets, presentations, and drawings (Google Docs only)
 *Invite more editors, commenters, and viewers
 *Delete files, folders, and Google Docs
 *Remove access for any collaborator
 *Transfer ownership to another person
 *Upload and delete file versions (synced or uploaded files only)
 *Add and remove something from a folder

Editors

 *Edit Google documents, spreadsheets, presentations, and drawings (Google Docs only)
 *Invite or remove other collaborators, if the owner has given editors this permission
 *Download or sync something to another device
 *View the list of other collaborators
 *Make a copy of something to save in Google Drive
 *Upload and delete file versions (synced or uploaded files only)
 *Add and remove items from a folder

Editors can’t permanently delete a file, folder, or Google Doc.

Viewers

 *View files, folders, and Google Docs
 *Download or sync something to another device
 *Make a copy of something to save in Google Drive

Viewers can’t permanently delete a file, folder or Google Doc, nor can they change something’s sharing settings.

Commenters (Google documents and presentations only)

 *Comment on Google documents and presentations
 *View documents and presentations
 *Download or sync the document or presentation to another device
 *Make a copy of a document or presentation to save in Google Drive

Commenters can’t permanently delete a file, folder or Google Doc, nor can they change something’s sharing settings.


Intellectual Property of Content in Google Docs

//Section 11.1 of Google’s terms of service says: “You give Google a worldwide, royalty-free, and non-exclusive license to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content which you submit, post or display on or through the Service for the sole purpose of enabling Google to provide you with the Service in accordance with its Privacy Policy.”\\ “The rights that you grant in this licence are for the **limited** purpose of operating, promoting and improving our Services, and to develop new ones. This licence continues even if you stop using our Services (for example, for a business listing that you have added to Google Maps).”//

This clarifies that you are actually not granting full IP access and rights for Google to do what it wants with your files, but just licensing the files so that Google can help you translate them, or link them with other Google services.

You **retain ownership** of any intellectual property rights that you hold in that content. In short, what belongs to you stays yours.”

This is the statement that confirms your IP rights remain yours and any photos, videos or other IP based files uploaded, stored or transferred remain yours.

How to enhance Security

 *To make sure your documents are extra safe in Google’s storage system use two-factor authentication and prevent any phishing for your password. This means someone could have to access both your password and your phone or alternate email address to access your Google account.
 *G-Suite applications, including Google Docs and Google Classroom are HIPAA compliant, meaning government services can use them, and that all information uploaded and downloaded via Google is encrypted and inaccessible to third parties. As long as your password is strong and two-factor authentication is applied, your files are super safe.
 *If you share a computer, sign out of your Google Account when you’re done.
 *Don’t install Backup & Sync or Drive File Stream on a shared or public computer. Anyone who uses the computer could access your files.


Data Security in Google Classroom
 *Two-factor account protection is available.
 *Third-party contractual security protections are required.
 *Industry best practices are used to protect data.
 *Employee or physical access to user information is limited.
 *All data in transit are encrypted.
 *All data at rest are encrypted.
 *Notice is provided in the event of a data breach.