Google Suite Tools
for collaboration at NIST
Justin Senseney and Zak Mohamoud
Platform Services Division, OISM, NIST
February 13, 2018
1
Overview
Google Groups
Access at NIST
Google Accounts
Free accounts
Paid accounts
Paid account features
Google sites
Team Drive
Security monitoring
2
Groups https://groups.google.com
New lists:
Request one here: https://psd.oism.nist.gov/list
[listName]@list.nist.gov
Subscribe: [listName]+subscrib[email protected]
Unlike legacy lists, archives are accessible, and can be made publically
accessible.
Subscribers do not need Gmail or google accounts. Google accounts
are needed to view private archives.
3
FCSM
Two ways to access:
Inside NIST: https://list.nist.gov/fcsm
Outside NIST: https://groups.google.com/a/list.nist.gov/forum/#!forum/fcsm
Was on NIST mailman server
Archives, subscribers moves to Google Groups
Groups
Subscribing
Anyone, from any email
address can request to
subscribe
Owner approves request
Posting
Some lists are moderated,
fcsm is not
All subjects will have
[fcsm] prepended
Message received by over
1,000 subscribers
Archives
Groups
Groups
Groups - https://groups.google.com
New lists:
fcsm@list.nist.gov
Subscribe:fcsm+subscribe@list.nist.gov
Unlike legacy lists, archives are accessible, and can be made publically
accessible.
Subscribers do not need Gmail or google accounts. Google accounts
are needed to view private archives.
These are not @gmail accounts, Google accounts use any email address
Sign up here: https://accounts.google.com/SignUpWithoutGmail
12
Free Google accounts
15GB of storage
Subject to Google
privacy policies
Get approval with local
security
Google-managed
password
Features:
Google Forms
Hangouts
Real-time document
editing
Paid Google accounts
Unlimited storage
Single-sign on
capabilities
Google Groups
Google Sites
Team Drive
Drive file stream
Mobile device
management
Cloud access security
broker integration
Access
https://portal.office.com
Takes you to Google Drive
and Box
Only works on NIST
networks
15
Access
https://drive.google.com
https://groups.google.com/
16
Access
https://drive.google.com
https://groups.google.com/
17
Access
18
Free vs. paid Google accounts
Unlimited storags
Google Sites
20
21
22
Drive – Limits
Daily upload limit: 750GB per account
Max file size for you: 5TB
For a collaborator: the available space in their Google Drive, even to your
Google Drive.
Storage for you: Unlimited
For a collaborator: Unlimited in your folders, standard/free quota is 15GB, all
government customers should be unlimited, some are 30GB
23
Team Drive
Shared ownership
Able to use internally and externally
Add a list.nist.gov mailing list as a member to make managing
membership easy
Team Drive
Team Drive
NIST members should go to https://psd.oism.nist.gov/google to get an account.
Anyone can go to https://accounts.google.com/SignUpWithoutGmail?hl=en to create
an account. Free accounts require ITSO request.
Drive File Stream
Download Drive file stream:
https://dl.google.com/drive-file-stream/googledrivefilestream.dmg
https://dl.google.com/dl/drive-file-stream/GoogleDriveFSSetup.exe
Safelinks https://safelinks.nist.gov
27
Drive File Stream
28
You can now access Team Drives on your computer.
Drive File Stream
29
Last 10 files are stored locally, or you can make folders available offline
Mobile Device Management
30
Moderate data
Moderate impact on NISTs confidentiality, integrity, or availability.
Examples
PII
Bank accounts
Credit card #
Proprietary data
Contracts
Similar to monitoring of Office365 emails
Members of the public may give you moderate data
Skyhigh
32
User notification
We have approval to store NIST Low data only in cloud applications like Box and Google Drive. To
monitor that, we’re using an application called SkyHigh which does a scan of the data inside of Box
and Google, and reports when it receives a potential violation of the policies we’ve
programmed. One of those policies focuses on server security information, since that data shows
the vulnerabilities that exist on potentially public systems. Inside your Google storage there is a
file named “reac-security.tgz” that kind of information. This is the kind of information that the NIST
ITSO has decided should not be stored in Google, because Google’s ability to store sensitive data in
a secure way has not been determined. Can you remove it and any similar files you have?
If you want to be able to store this information in Google, talk to your ITSO. I’m also happy to
come to talk to your group about our Google implementation, and how were hoping to see it used
at NIST, because I want to make sure it works well for what we’re trying to do at NIST.
Note that Gitlab.nist.gov was just approved to store moderate data like this, that would probably
be a better place to store this information.
-Justin
Data loss prevention
Data is evaluated on daily basis, real-time monitoring in place
Still sent to System Incident Response team for privacy impact
assessment and monitoring by
Their investigation is sent to Department of Commerce headquarters
They also monitor presence of NIST data in the public Internet
35
Account Requests
How:
Request account: https://psd.oism.nist.gov/google
Request mailing list: https://psd.oism.nist.gov/list
Free accounts can be requested by the public
https://accounts.google.com/SignUpWithoutGmail?hl=en
NIST users wanting such an account should contact their ITSO
36
Overview
Access at NIST
Google Groups
Google Accounts
Free accounts
Paid accounts
Paid account features
Google sites
Team Drive
Security monitoring
37
Acknowledgments
Associate Director of Laboratory Programs for pilot funding
Kathy Sharpless for spearheading
Collaboration Steering Group for discussion and user management
Matt Wilkinson’s division (188) for managing
You, for your patience
38
Contacts
Collaboration Tools Team
Justin.[email protected]v
Zak.Mohamoud@nist.gov
Matthew.Wilkinson@nist.gov
Brian.Berry@nist.gov
39