If you spend any time with spreadsheet applications like Microsoft Excel or Google Sheets – or even import certain kinds of data into Microsoft Outlook – you will inevitably encounter a comma-separated values file, commonly known as a CSV.
A CSV file is a simple text file that you can open in a wide variety of programs, including any program that works with plain text like the Notepad app; what makes a CSV file unique is the way its content is organized.
What to know about a CSV file
A CSV file, as the name implies, typically separates information using commas. It’s a way to exchange structured information, like the contents of a spreadsheet, among programs that can’t necessarily talk to one another directly.
As long as two programs can both open a CSV file, they can exchange data. For example, you can save contact information from Microsoft Excel as a CSV file, and import it into the address book in Microsoft Outlook.
A typical CSV file looks like this, where each line contains the same sequence of data so any program which needs to read it knows what to expect:
Product, Size, Color, Price
Shirt, Medium, Blue, $14
Shirt, Large, Red, $15
Pants, Medium, Khaki, $23
Despite the name, a CSV doesn’t need to rely on commas as the separator between pieces of information. This separator, called a delimiter, can be a semicolon, space, or some other character, though the comma is most common.
And of course, once you’ve imported your CSV file into any of these programs, you can then edit the data like you would with any other file.
Google Drive is quickly becoming the most popular storage service around. And with more than a billion users and over 2 trillion files saved, it needs to be secure.
But Google users have been victim to hacks before – in 2014, approximately 5 million Gmail usernames and passwords were stolen and leaked online.
So if you use Google Drive, you might be wondering how secure your files really are.
How Google Drive secures your files and data
Regardless of previous hacks, the risk of using Google Drive is low. Google uses the strong 256-bit Advanced Encryption Standard (AES) encryption on all its Google Drive servers (with the exception of a small number of storage devices that date prior to 2015 – those use AES128 encryption instead).
Likewise, when the data is in transit between users and Google Drive servers, Google uses the Transport Layer Security (TLS) protocol to protect the data and prevent interception.
In short: your data is largely secure.
How Google Drive may be vulnerable
Some security experts don’t love that Google keeps encryption keys for all the files on Google Drive. Encryption keys are tools that let Google (or whoever has the keys) decrypt files, bypassing all their security.
“Because they are in control of these encryption keys, it can lead to vulnerabilities for its users,” said Kristen Bolig, founder at SecurityNerd. “They have the power to decrypt files which can make them easier for hackers.”
This is in contrast to apps like Signal, where not even the company that runs the app can access your data.
Moreover, Google is subject to governments and law enforcement. “If your files are subpoenaed, depending on what Google decides, it might not take a security breach to forfeit your privacy,” said Monica Eaton-Cardone, chief operating officer of Chargebacks911.
And as is often the case with cloud services, the most significant risks aren’t related to the encrypted infrastructure, but with the user, and Google Drive has a number of user-related vulnerabilities.
Google Drive lacks cohesive organizational permissions, for example. Nick Santora, CEO of Curricula, said, “The way Dropbox uses folders allows us to segment data by department and only give employees in that department access to those folders. Google makes this extremely difficult to do. Everything you do is a one-off. The permissions system is ad hoc, which leads to mistakes.”
How to protect yourself as a Google Drive user
The biggest risk to your Google Drive data is often you – along with the computers or devices you’ve connected to Google Drive. Remember that in general, any files on Google Drive get synchronized to your computer, so those files are vulnerable. “You can use encryption to further hide and protect your files,” Bolig suggested.
Security.org editor Gabe Turner said it’s important to “remove any apps or browser extensions that have access to Google Drive unnecessarily.” Every app with permission to access Google Drive is another vector for hackers and a security vulnerability.