Over the past 4 to 6 weeks, we have seen an alarming increase in the number of Google Apps accounts that have been “hacked” across both our business and education customers.
Google Apps security is NOT the issue. ALL of the hacked accounts are due to compromised user identities.
In every case we have encountered, the users have either used their Google Apps email address and password with another service that has had a breach, or have had malware on their computers that provided username and password keystrokes to the hackers.
In both types of incidents, hackers then log in as the user and cause mayhem.
We strongly recommend the following actions:
1) Educate your users that they are not to use their Google Apps password for any other account not explicitly authorized. Users should also not use their Google Apps email address as the username for personal accounts with other services.
2) Check Your Systems for malware and make sure your endpoint protection is up to the task. If not, we recommend Webroot Endpoint Protection and Web Security Services (the link is to our edu site, but the service is available to business and government customers as well).
3) Implement Two-Factor Authentication (2FA). In business environments, users should be using 2FA to secure their accounts. Implementation can be involved if you have other services linked to Google Apps, as you will need to generate service-specific passwords.
In education environments, 2FA is not practical for all users, as students and many faculty members may not have mobile devices available to access the Authenticator. For schools, we recommend any user with partial or full administrative privileges have 2FA active.
Activating 2FA is covered by our support agreements.
For customers and others without support agreements, mention this blog post and we will discount our hourly support fee by 10%.
We will discount Webroot deployment fees by 50%.
Both offers expire on December 31, 2014.