To no one’s surprise, security is easy to get wrong when configuring your Google Apps domain. Even when you follow a reputable security guide, enable two-factor authentication, require SSL at all times, and encrypt your Gmail messages, there’s still plenty of work to be done. A lot of that security work isn’t obvious, and may require using Google Apps in ways that wouldn’t occur to many administrators.
Build a Better Super Admin
Sean Satterlee, Senior Information Security Architect at Findly, is a reformed hacker, and his advice for Google Apps security boils down to this: “Hold tight your Google Super Admin.”
The primary administrator or “Super Admin” of your Google Apps domain has broad-ranging powers over every service and user on that domain. If a hacker compromises the Super Admin, they can lock out all the other administrators, suspend or delete all the other users, and steal or destroy all the data on your domain. That’s why Satterlee tries not to use the Super Admin whenever possible.
Set Up Data Loss Prevention the Smart Way
One of the most promising recent security innovations in Google Apps for Work is Gmail’s Data Loss Prevention (DLP) feature, which scans outgoing mail for sensitive data and stops it from leaving your domain if it violates a configured policy. Think of it as a reverse spam filter: instead of keeping unwanted messages from entering your inbox, DLP makes sure that Gmail doesn’t expose information that shouldn’t be shared outside your company.
Data Loss Prevention comes with a number of built-in content detectors for identifying common sensitive data such as credit card or social security numbers, and it also lets administrators define custom filters. When one of these filters detects an outgoing message containing information that may violate your information-sharing policy, the message can be blocked and your domain administrator alerted.
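To make the two kinds of detector concrete, here is an added illustration (not Google's DLP code) of what an outbound-mail scanner does: a built-in style credit card detector that only alerts on Luhn-valid numbers, an SSN detector that ignores shapes the SSA never issues, and a custom term filter; mail that stays inside the domain is left alone. The domain, term list and sample messages are constructed for the example.

```python
import re

# Hypothetical policy values, not Google's own: the domain whose outbound mail is
# scanned, and a custom term list standing in for an administrator-defined DLP filter.
INTERNAL_DOMAIN = "example.com"
CUSTOM_TERMS = ("project falcon", "internal only")

CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")   # 13-19 digits, optional separators
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")  # NNN-NN-NNNN shape

def luhn_valid(digits: str) -> bool:
    """Luhn checksum: screens out random digit runs so only plausible card numbers alert."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def plausible_ssn(area: str, group: str, serial: str) -> bool:
    """Reject SSN-shaped strings the SSA never issues (area 000/666/9xx, group 00, serial 0000)."""
    a = int(area)
    return a not in (0, 666) and a < 900 and group != "00" and serial != "0000"

def scan_body(body: str) -> list[str]:
    """Return the names of the content detectors that fire on one message body."""
    findings = []
    for m in CARD_RE.finditer(body):
        if luhn_valid(re.sub(r"[ -]", "", m.group())):
            findings.append("credit_card")
            break
    if any(plausible_ssn(*m.groups()) for m in SSN_RE.finditer(body)):
        findings.append("ssn")
    if any(term in body.lower() for term in CUSTOM_TERMS):
        findings.append("custom_term")
    return findings

def scan_outbound(messages: list[dict]) -> list[tuple[str, list[str]]]:
    """Apply the detectors only to mail with at least one recipient outside the domain."""
    alerts = []
    for msg in messages:
        external = any(not r.lower().endswith("@" + INTERNAL_DOMAIN) for r in msg["to"])
        if external and (hits := scan_body(msg["body"])):
            alerts.append((msg["id"], hits))
    return alerts

# Constructed sample outbound traffic with fake values to exercise the scanner.
SAMPLE_MESSAGES = [
    {"id": "m1", "to": ["partner@other.net"], "body": "Card 4111 1111 1111 1111, exp 12/27"},
    {"id": "m2", "to": ["hr@example.com"], "body": "Employee SSN 219-09-9999 for payroll"},
    {"id": "m3", "to": ["press@other.net"], "body": "Order ref 1234 5678 9012 3456 shipped"},
    {"id": "m4", "to": ["me@gmail.com"], "body": "Project Falcon deck, internal only. SSN 219-09-9999"},
]

if __name__ == "__main__":
    for msg_id, hits in scan_outbound(SAMPLE_MESSAGES):
        print(f"{msg_id}: blocked, detectors fired: {hits}")
```

Message m3 passes because its 16-digit order reference fails the Luhn check, and m2 passes because it never leaves the domain; only m1 and m4 would be held for the administrator.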
This, in effect, means your Google Apps domain administrator can spy on outgoing Gmail messages, which sets up a “who watches the watchmen” security scenario. Google Apps administrators should not be allowed to configure DLP without oversight, as Satterlee explains.
Avoid “Privilege Creep”
Colin McCarthy, North American Associate IT Director for Essence, has administered Google Apps domains personally and professionally since 2010. His concerns about Google Apps begin with Google Drive.
“One of my complaints about Google with their Drive management policies is it’s far too open. As soon as you create and share a document, the default setting is for that person to be able to add other accounts without the document owner knowing. Default permissions should be the lowest access level, View, and not the highest, Can Edit. I really wish Google would update these policies. Certain sharing settings are an individual per-user, per-document setting and not something we as Admins can enforce. This can create a problem if you have a user that’s leaving; there’s nothing to stop them from adding their personal Gmail to a load of documents and keeping the ability to view or share your confidential data outside your company. Employing third-party DLP software can alert you to these instances.”
For even more Google Apps tips and how you can avoid some common headaches, download our eBook: The 5 Essentials To A Successful Google Apps Administration.