Skip to content
GSD GSD Security Library

Secure Sharing in Google Workspace

Google Workspace · secure sharing

Send files to clients and partners with an exact expiration date and time, named recipients only, and Viewer-level access.

The 6-click share

  1. Click Share. Open the file in Drive, click the Share button.
  2. Add their email. Type the recipient’s exact email address.
  3. Set role to Viewer. Expirations are only available on the Viewer role.
  4. Add expiration. In the role dropdown, click Add expiration.
  5. Set date and time. Click the pencil icon, set the exact end date and time.
  6. Send. Click Send. Access ends automatically at expiry.

Heads up. Add expiration is only available on the Viewer role. Commenter, Contributor, Content manager, and Editor can’t be time-limited, so drop the role to Viewer first if access needs to expire.

Pick the right permission

Viewer

Read, and optionally download. The only role that supports expirations.

Commenter

Comment, no edits. Can’t be time-limited.

Editor or Content manager

Full edit. Grant only when it’s genuinely needed.

Lock down sensitive files

In Share, click the gear icon and turn off:

  • Editors can change permissions and share
  • Viewers can download, print, and copy

That stops forwarding and local copies.

Extend, revoke, audit

  1. Extend: Share, then the pencil, then a new date.
  2. Revoke: Share, then the role dropdown, then Remove access.
  3. Audit a file: right-click, then Share.
  4. Admins: review the Drive audit log at admin.google.com.

Do

  • Share by email, never “Anyone with the link.”
  • Set the shortest reasonable expiration.
  • Disable download, print, and copy on confidential docs.
  • Audit shares quarterly on long-lived folders.

Don’t

  • Use “Anyone with the link” for client data.
  • Grant Editor when Viewer will do.
  • Share a whole folder when one file is enough.
  • Forget to revoke after a project ends.

Need help? [email protected] · getsitdone.ai  ·  Get Stuff Done