Overview

• The feature begins rolling out globally today in open beta, is enabled by default at no extra cost for most Workspace customers, and Google targets general availability by year-end.
• Drive for desktop detects rapid, mass file encryption, pauses syncing after only a few affected files, and alerts users via desktop notification and email.
• A guided restoration workflow in Drive’s web interface lets users revert corrupted items to healthy versions, while admins receive console alerts and can review audit logs.
• The detection engine is trained on millions of real ransomware samples and continuously incorporates VirusTotal intelligence to recognize novel behaviors.
• Protection applies only to files synced through Drive for desktop on Windows and macOS and is designed to complement antivirus and EDR rather than replace them.