Identifying and Blocking Google Drive when Using Chrome-cached Session
Even blocking Google Drive based on the URL category will not help, blocking online-personal-storage (drive.google.com, docs.google.com) will not block listing and navigating.
For blocking to work successfully, blocking google-drive is not enough. We also need to block google-docs.
We can further customize the requirements of the customer to allow users to access google-drive but block uploads and downloads.
The google-docs application is made of other sub-applications listed below. The app names explain their functions:
Note: We will need to have decryption in place for the above functions to work. We should especially decrypt the 'search-engine' category along with the following url's drive.google.com, *.google.com, *.googleusercontent.com, and *.gstatic.com
A screenshot of adding a security policy to allow access to google-drive but deny downloads or editing, and just allow uploading files.
Enabling decryption for search-engine might trigger a safe search enforcement from the the url category, which will break the ability to search from the address bar of the Chrome browser.
The search made from the address bar does not include the string " safe=active" when searching, this is seen only when using Google as a default search engine.
As a workaround, we can use the following custom search engine (make it default ) in the Chrome settings:
The screen shot is attached for reference.