Migrations to the cloud are moving faster than ever.
78% of businesses will be run almost entirely on SaaS Applications.
Every business is vulnerable to cybercriminals and hackers. Migrations to the cloud are moving faster than ever.
Setting up your Microsoft 365 cloud service tools or Google Workspace with advanced security configurations will provide you with your basic office functionality as well as a safe place to store and share information.
This article outlines key configurations to increase the security of your Google Workspace environment.
Top 3 Google Workspace Security Configurations for Businesses:
Google recommends that you complete the tasks listed and breaks them out by small businesses (1-100 users) and medium/large business (100+ users).
1. Set up multi-factor authentication.
Google recommends that everyone in your business use 2-Step Verification, but it’s especially important for admins and users who work with sensitive data such as financial records and employee information.
You should enforce 2FA for admins and key users. When you set up 2-Step Verification in Google Workspace you choose the second verification step for your users. Options include security keys, Google prompt, google authenticator, Backup codes, and text messages or phone calls.
2. Protect Admin Accounts
Google also recommends super admin accounts, protected by 2-Step Verification utilizing security keys.
The following best practices are specifically for the admins. Details and instructions for administrator accounts can be found here.
- Don’t use the super admin account for routine tasks.
- Admins shouldn’t remain signed in.
- Create multiple accounts of super admin.
- Set up user admin role accounts.
- Delegate daily tasks to individual user accounts.
- Set up email alerts.
- Evaluate the Admin audit log.
- Add recovery options to accounts.
- Save backup codes beforehand.
- Keep an additional security key.
3. Manage User's Password Strength
As a Google Workspace administrator, you have the ability to manage and track the password strength of every user in your organization.
Set password requirements such as password strength, length, and reset cycle. You’d want to help your users by sharing tips on how to create strong passwords. This is important; you’d be surprised how many people don’t know the basics of strong passwords.
The best tool you have is the monitor the strength of your users’ passwords from the Admin console. It gives you a graph showing how strong each users’ password is. You can have the weak ones changed promptly.
Why You Need to Protect Your SaaS Applications
Cloud Data Protection is a shared responsibility between Google and the business entity.
Google operates similarly to Microsoft with a shared responsibility in protecting cloud data. Pay attention to their language in order to understand where the limitations exist in Google Workplace data recovery.
They are clear that there is a limited time from when files and messages are permanently deleted after which they can never be recovered. Again, mitigating this risk is up to the business using the service.
Why are users exposing their cloud data to the risk of permanent loss?
Primarily because there is a common misconception that the “cloud” is impenetrable or bulletproof and that organizations such as Microsoft and Google just by the nature of their size and scope...they somehow have you and your data protected.
Unfortunately, that's not the case and both companies make this clear.
Clearly, it is critical when migrating to any SaaS application, be sure to understand where its native recovery and retention capabilities start, and more importantly, where they stop. Only then can you make sure to have the proper solution in place to ensure the data recovery level of continuity your business requires.
SaaS Protection for Google Workspace
Although data is stored in Google servers, Google does not take responsibility for the data created by end-users of their service. An independent backup separated from Google is necessary to avoid the most common data loss pitfalls such as:
- Accidental deletion or data overwrites
- Malicious end-user activity
- Lost data due to deprovisioned Google Workspace licenses
- Ransomware attacks
- External app errors (data corruption via syncing or overwriting)
Without sufficient backup, businesses stand to risk losing all of their files. SaaS Protection serves as an insurance policy against Google Workspace outages, accidental deletion, and ransomware attacks, providing a secure second location to retrieve necessary data quickly.
For more information, please visit the following sites.
- Security checklists for small businesses (1-100 users)
- Security checklists for medium and large businesses (100+ users)
Teknologize is a SOC 2 certified, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:
- Tri-Cities, Washington 509.396.6640
- Yakima, Washington 509.396.6640
- Bend, Oregon 541.848.6072
Questions about your IT or Cybersecurity? Give us a call today!