Table of Contents
How to prevent your files from being downloaded, printed and copied (Google Drive user version)
To prevent your files in Google Drive from being downloaded, printed and copied:
Select one or more files in Google Drive, click Share.
In the top right corner click on the gear icon.
Uncheck the box “Viewers and commenters can see the option to download, print, and copy.”
How to set the default settings to prevent files in Shared drives from being downloaded, printed, and copied (Google Admin version)
If you have access to the Google Admin Console, you can prevent files in Google Drive from being downloaded, printed, and copied by default.
Log in to Google Admin Console, go to Apps → Google Workspace → Drive and Docs.
Go to Sharing settings:
Go to Shared rive creation and click Edit:
Uncheck the box “Allow viewers and commenters to download, print, and copy files” and click Save.
Google Admin Console allows you to change this setting per organizational unit. This means that when people in a specific OU create shared drives, this will be the default setting. The setting won’t change if a shared drive is moved to a different OU.
Changing this setting affects only new shared drives. Existing shared drives will not be affected by this change.
How to restrict downloading, printing and copying in an existing shared drive (Google Admin version)
To restrict downloading, printing, and copying of files by commenters and viewers in an existing shared drive, log in to the Google Admin Console, go to Apps → Google Workspace → Drive and Docs → Manage Shared Drives.
Select the shared drive you want to limit, click on Settings and uncheck the box “ Allow viewers and commenters to download, print, and copy files” and click Done.
Now this setting will be disabled for all files in this shared drive, and the end user will not be able to turn it on. They will see the message “Commenters and viewers can’t download, copy, or print files in this shared drive”.
Disabling this setting for an entire shared drive, or for all shared drives created in a specific organizational unit might not always be the best approach. Security must not come at the cost of collaboration, because when end-users are not able to do their job due to inadequately strict security regulations, they usually find a workaround that may be even less secure.
For example, at first glance the HR shared drive seems an ideal candidate to restrict all downloading, printing and copying of files, because HR often operates with sensitive information: salaries, employee evaluations, personal details of employees, and more. However, at the same time, HR also shares important non-confidential information with employees: company policy updates, announcements, holiday dates, and so on. It makes sense to share these with employees with the Viewer permissions, to prevent unauthorized edits and comments in the files. But employees may want to download the files to save them for future reference, and restricting this could lead both employees and the HR department to look for an alternative way to share these.
Rather than applying the restriction universally to an entire shared drive, you may want to prevent downloading, printing and copying only for certain files that are likely to contain confidential information. You might want to enforce restrictions only for files older than 3 months, those with a specific keyword in the title (e.g., ‘Contract’), or those labeled with a certain Drive label (e.g., ‘Confidential’). You may even go further and fine-tune the restriction to apply only to files shared with particular users, groups, or domains.
How to allow downloading, printing and copying only for specific files
Google Admin Console currently does not provide the flexibility to manage the setting to allow viewers and commenters to download, print and copy files on a more granular level than per shared drive. But don’t worry, we got your back!
In Florbs Security & Auditing tool, go to Audit files.
Combining filters, find the files you want to manage.
Select the files you want to manage and click on Add bulk action.
In Actions, choose “Don’t allow viewers and commenters to see the option to download, print, and copy”.
Then, add the description of the bulk file management action. The action will be added to the history log with the overview you added for transparency and accountability of all actions in the app.
Done! You can also add this action as a security policy, to be automatically applied to all files that meet your criteria in the future. That saves you time and effort, ensuring that all future files are always protected without delay.
Interested to learn more about best file security practices in Google Drive? Check out our white paper: File Security in Google Drive: A Comprehensive Guide, and follow us on LinkedIn for more Google Workspace tips!