I am developing industrial android applications that utilize the Google Drive API to both read from and write to files that are shared by the company G-Suite administrator. The applications are installed on an employees work profile and managed using Google mobile management.
In use, the employee downloads shared files using the app which populate databases unique to the company. Then, in app use, data is written back to a shared Drive file. Multiple employees each add to this file which is then analyzed by the company.
Here's the situation: I need to share the files as read only or read/ write so the app can access. This works nicely but it is now possible that the same employee can log into Google drive from his or her PC etc.. as well and modify the files thereby causing havoc. What I'd like is some way to share the files such that they can only be accessed through my app and not the standard Google Drive PC interface.
One thought I have is if there was a way to password protect the shared files. This way the Admin could add the password to the app such that the app has the password but not the employee. In this fashion the employee could only read and write to the files using the app and it would be more secure. Read only is OK that means the user can't modify the file but read / write permission grants them the ability to destroy the file, ( rouge employee for example)
Perhaps the password could be part of the GMM for the app and set via the work profile? Or maybe a Google Drive folder that could only be accessed by the employee when they are logged into their work profile. (better but still not optimum)
In short, I'd like a new shared permission. [ read write with password ] Then I can bury the password into the app so when the employee goes to connect to the drive file the app provides the password and not the employee. If the employee tries to get to the same file from outside the app they are password blocked.
Any ideas?
