Comment Additional Security Features for Drive (Score 2) 9
This Spam folder is a good security feature for Google to add. It is dangerous to allow people to inject shared documents that could be clicked on and may be well disguised phishing attempts.
Some other security measures needed are:
1. When emailing a document link, Gmail presently gives the option "Allow anyone with the link to view" when emailing the link to someone that doesn't already have document access. Users accidently give worldwide access to their document if they accidentally leave this option selected, which is it's default setting.
Drive & Gmail need a way to turn this feature off.
I often send a document link to someone's main email who uses a different Gmail account to actually access it, and I need to turn off giving access to the world every time.
2. Drive needs more secure defaults to allow secured documents to be locked down.
a. "Editors can change permissions and share" should be off by default.
b. "Viewers and commenters can see the option to download, print, and copy" should be off by default.
c. If I turn these controls off for a folder, that choice should propagate to every sub-folder and every file in the tree, and stay off. Presently you need to manually turn them off for every single file and folder. And then still turn them off for every new one that is created.
The design defaults are presently inherently insecure.
People have been asking for these security fixes for years (according to what I have seen in Google support requests).
3. dskoll mentioned above to have an option to "Only allow contacts to share documents with you", which would be another good default setting.