Hi, we've identified a range of security issues with sharing Google Drive/Shared Drive files through restricted Spaces/Chat:

1. When files/folders are shared this way, you can't see who has shared your file, or who they've shared it with (see image at the bottom of the message)
2. You can't currently search for files that have been shared this way - you have to manually view the sharing settings for each file and folder in your domain. (eek)
3. When you find files/folders shared in this way, you can't find out who they have been shared with to check if you have a security issue.
4. You may be able to see anyone who's accessed your documents in the Activity Dashboard if they haven't opted out.

This results in documents/folders being shared internally/externally in a manner that document owners can't track/monitor/mange which is a significant security risk.

To resolve these issues, can Google look at:

1. Adding the ability to disable sharing of Google Drive/Share Drive files through Google Chat / Spaces?
2. Change the Restricted Spaces/Chat sharing mechanism so that when files are shared through this pathway the individual names are added to the shared documents/folders rather than using the Restricted Group?
3. Implementing a search command to find files/folders shared in this way within Google Drive/Shared Drive?
4. Update Restricted Space/Chat access to allow the owner of Google Drive/Shared Drive files to see the name of the person who has shared the document(s) using the Google Restricted Space/Chat group as a contact-point for the given access

Does anyone have any suggestions on how to manage/mitigate access shared in this way with current tools?

Thanks for your help.