Posts

G Suite: Modern Security for Modern Threats

Google CloudIn multiple blog posts over the past 2+ years, we have covered the changing and growing nature of threats to your organization, systems, and people.  For us the answer is CPR

Communicate and Educate;

Prevent & Protect;

Recover & Review. 

Once you have these basics in place, the challenge becomes keeping up with the times.  As the nature of threats change, the protective capabilities of our key systems should evolve as well.

For those of us running G Suite, we may understand that Google has expanded the security footprint and capabilities, but have we altered our configuration to properly protect ourselves?

The first step in assessing your protections is to understand the risks.

  • 91% of attacks start with a phishing email
  • 66% of malware was installed via malicious emails or attachments
  • 90% of all reported breaches caused by employee negligence, extortion, and external threats

These statistics, while not unfamiliar, point to the change in risk from physical devices to data and human interactions.

As people can be your greatest risk, the best protections compensate for human behavior.

Step two is mapping your security needs to the right version of G Suite. Each version adds additional protections, allowing you to move up to the version that best meets your needs and priorities. Understand what each version offers and map them back to your regulatory and business requirements.

G Suite Basic

  • Encryption in transit and at rest, including policy-based TLS enforcement
  • 2-Step Verification via prompt, SMS, Security Key,or Authenticator app
  • Single Sign-on (SAML 2.0)
  • OAuth 2.0 and OpenID Connect
  • Restrict emails to authorized recipients
  • Drive audit logs

G Suite Business

  • Vault for compliant archiving and e-discovery for Gmail, Drive, and Hangouts Chat
  • Team Drives for centralized access controls and permissions management
  • Domain white-listing for Drive with alerts
  • Basic Information Rights Management (IRM) to manage scope of sharing by Organizational Units

G Suite Enterprise

  • G Suite Security Center with a unified security dashboard
  • Advanced Data Loss Prevention for Gmail and Drive files
  • Email content compliance and objectional content filters, with OCR
  • Security key enforcement
  • User S/MIME Certificates for Gmail encryption
  • App white-listing to control 3rd party data access
  • Sandboxing (pre-delivery deep scanning) or email attachments

Moving the right version of G Suite has never been easier.

While no one product or service will meet all of your security, privacy, and data management needs, moving to the right version of G Suite improves your security footprint and can mitigate the need for 3rd party solutions. To help you move, we are partnering with Google to offer pricing incentives.

Your next step is to contact us to schedule a complimentary Cloud Advisory Session to assess your needs, priorities, and options.


 

 

 

Google+ Hangouts and Google Apps: OFF for a Reason

As Google prepares to replace Google Talk with Google+ Hangouts, customers expect to benefit from the improved audio/video quality and features that Hangouts offer over Talk.

There are very good reasons why Google+ Hangouts are OFF by default in Google Apps for Business (Gov and Edu, too).  Before you turn on Google+ Hangouts, understand the current ramifications.

  • Preview Mode:  Google+ Hangouts are not yet officially released and, as such, get “best effort” support as opposed the technical support under the Terms of Service.
  • Incompatibility:  Google+ Hangouts are not compatible with Google Apps Vault.  Any organization that plan on using Vault, or that may need to use Vault, should not opt-in to Google+ Hangouts.
  • Data Location:  Google Apps customers under data location restrictions cannot opt-in to Vault.
  • No Enterprise Controls:  These controls are not yet available for Google+ Hangouts at this time.  As such, there are no warnings for users when chatting outside the domain and there is no way to block users’ chat status outside of the domain.

Google advises enterprise environments to continue using Google Talk for instant messaging, voice, and video conferencing.

Cumulus Global shares this recommendation, as the implications of adding Google+ Hangouts is not fully understood.  Organizations interested in a test domain may contact us for assistance.