In multiple blog posts over the past 2+ years, we have covered the changing and growing nature of threats to your organization, systems, and people. G Suite security offers advanced measures to protect user data, including encryption, 2-step verification, phishing protection, and admin controls. For us the answer is CPR …
Communicate and Educate;
Prevent & Protect;
Recover & Review.
Once you have these basics in place, the challenge becomes keeping up with the times. As the nature of threats change, the protective capabilities of our key systems should evolve as well. This includes thinking about managed cloud services, which are being driven by modern security needs.
For those of us running G Suite, we may understand that Google has expanded the security footprint and capabilities, but have we altered our configuration to properly protect ourselves?
G Suite Security Best Practices
The first step in assessing your data protections and security is to understand the risks.
- 91% of attacks start with a phishing email
- 66% of malware was installed via malicious emails or attachments
- 90% of all reported breaches caused by employee negligence, extortion, and external threats
These statistics, while not unfamiliar, point to the change in risk from physical devices to data and human interactions.
As people can be your greatest risk, the best protections compensate for human behavior.
Versions of G Suite Security to Protect Your Business
Step two is mapping your security needs to the right version of G Suite. Each version adds additional protections, allowing you to move up to the version that best meets your needs and priorities. Understand what each version offers and map them back to your regulatory and business requirements.
G Suite Basic Security Features
- Encryption in transit and at rest, including policy-based TLS enforcement
- 2-Step Verification via prompt, SMS, Security Key, or Authenticator app
- Single Sign-on (SAML 2.0)
- OAuth 2.0 and OpenID Connect
- Restrict emails to authorized recipients
- Drive audit logs
G Suite Business Security Features
- Vault for compliant archiving and e-discovery for Gmail, Drive, and Hangouts Chat
- Team Drives for centralized access controls and permissions management
- Domain white-listing for Drive with alerts
- Basic Information Rights Management (IRM) to manage scope of sharing by Organizational Units
G Suite Enterprise Security Features
- G Suite Security Center with a unified security dashboard
- Advanced Data Loss Prevention for Gmail and Drive files
- Email content compliance and objectional content filters, with OCR
- Security key enforcement
- User S/MIME Certificates for Gmail encryption
- App white-listing to control 3rd party data access
- Sandboxing (pre-delivery deep scanning) or email attachments
Moving to the right version of G Suite security has never been easier
While no one product or service will meet all of your security, privacy, and data management needs, moving to the right version of G Suite improves your security footprint and can mitigate the need for 3rd party solutions. To help you move, we are partnering with Google to offer pricing incentives.
Your next step is to contact us to schedule a complimentary Cloud Advisory Session to assess your needs, priorities, and options.
How secure is G Suite?
How do I make my G Suite more secure?
There are several steps you can take to make your G Suite more secure:
- Enable 2-step verification: This adds an extra layer of security by requiring a second form of authentication, such as a code sent to your phone, when signing in.
- Use strong passwords: Use unique and complex passwords for each account and change them regularly.
- Enable mobile device management: This allows you to monitor and manage access to G Suite on mobile devices.
- Enable security key enforcement: This adds another layer of protection to your account by requiring a physical security key to access it.
- Use data loss prevention (DLP) rules: DLP rules can help prevent sensitive data from being shared outside of your organization.
- Regularly review your security settings: Make sure your settings are up-to-date and in line with best practices.
- Educate your users: Train your employees on security best practices and provide them with regular updates and reminders to help keep your organization safe.
Is G Suite more secure than Gmail?