G Suite is almost-perfect productivity and collaboration suite. Why almost? Because it’s security depends entirely on the way you, G Suite admin, organize and customize it. As a G Suite admin, you must stay on track of the best G Suite security practices.
In this post, we will share with you the basics of the G Suite security.
Let’s dive in!
Create a password policy
Passwords are, probably, the weakest spot in the security of any organization. You may think that in the digital era, every user is super cybersecurity aware and knows that most passwords are easily crackable, but that’s not the case. People still don’t know basics, or just act carelessly, which puts the company data in jeopardy. Even one employee with a weak password can jeopardize the data of a whole department or even the whole company.
This is why it is your responsibility as a G Suite Admin to provide them with guidelines for strengthening their password security. Write a memo with the rules regarding passwords that contain the following:
1. The rules for password creation:
- Length. The password shouldn’t be shorter than eight characters.
- Complexity. The more complicated the password, the better. Passwords should include numbers, both uppercase and lowercase letters, and be complex in terms of meaning. To make it more memorable, your employees are free to include phrases from movies, songs, or just something personal.
- The password shouldn’t contain commonly used characters, phrases, words, number combinations.
- Don’t include personal information like names of people you know, places you’ve been to, etc.
You can easily control if the passwords users set up are strong enough and change them from the Admin Console.
Also, be sure to use two-factor authentication. That provides an additional level of security by requiring a user to enter a code or answering a phone to verify their identity. This way, if the password is cracked by, a cybercriminal won’t make it through the second verification step.
You can enforce everyone in your organization and enable the 2-step authentication here.
Disable access to risky apps
Most of G Suite users try to squeeze the maximum out of using the service by installing third-party applications and extensions from the G Suite marketplace. By doing so, your employees boost their productivity, but also put your organization in danger of data breach.
How so? The thing is, applications and extensions are an excellent market for hackers and cybercriminals of all kinds. It is hard to verify the legitimacy of the application before it gets into the marketplace. Professional cybercriminals hire developers to duplicate the interface of a legitimate application and put there Trojan or Ransomware.
But aside from the initially malicious applications which constitute the minority, there are also so-called risky applications. These applications are harmless in the core but ask the kinds of permissions and access that, if provided, may put company data in danger. Also, these applications may not meet the modern-day security standards and be easily exposed to cybercriminals.
As a G Suite admin, it is your responsibility to keep track of what access is granted to applications by employees, and if these applications are risky. Spin Technology Inc is a cybersecurity company that creates tools for risky apps audit, ransomware protection, and backup, which simplify the admin’s job. Using it, you can easily see which applications are benign used by your G Suite users and if they are risky, and disable access.
Activate early phishing detection
Phishing is one of the G Suite security top risks. Even though protecting the organization from phishing is not the task that lays entirely on you, your objective is to make sure you use all the G Suite resources to reduce the probability of the phishing email seeps through the spam filter.
To minimize the probability of users getting phished through emails, you need to enable the enhanced pre-delivery message scanning. What does this scanning do? When the message is going to you, it is assessed and scanned by Gmail. If Gmail recognizes the particular email as a phishing email, it will display a red warning sign on the top of an opened email, or will simply move the email to the Spam folder.
This enabled additional scanning will lessen the probability of users clicking on links in this email or provided access that may be requested.
Be careful with sharing settings
Users create and share documents all the time. And yet, many of them forget that the cloud is not a by-default-private place; moreover, it is the total opposite. There have been thousands of instances when a valuable and supposed-to-be-private document wents public or gets shared or downloaded by someone who has no relation to that document. To make something private, you need to take action; before that, everything created on the cloud is public, if it hasn’t been customized otherwise.
As a G Suite administrator, you must take care of all folders, documents, groups, and calendars had the appropriate sharing permissions. This means that documents created by some members of a group or within a particular folder couldn’t be shared with third parties.
Manage internal and external sharing: make all documents with domain Private – it makes them encrypted and impossible to be seen by someone outside of your domain.
Backup G Suite data
No matter how hard you and the guys from the security department try, the data breach is something that is unlikely to pass your company by. This is just how things work these days: either you have been attacked already, or you will be in the future. All you can do is prepare for that, so it hurts your organization less. This is why backup is vital for all organizations that don’t want to lose money due to downtime or data loss.
As a data management, collaboration, and productivity suite, G Suite is not responsible for protecting your data from bad guys and storing a copy of them for free just in case you got hit by cybercriminals. The possibility of being hit with ransomware or hacked is why it is crucial to have a daily automatic cloud backup – his way, the company data will be protected from data loss.
This content is brought to you by the FingerLakes1.com Team. Support our mission by visiting www.patreon.com/fl1 or learn how you send us your local content here.