As your company’s G Suite administrator, you are the gatekeeper to sensitive company data and the first line of defense against internal and external threats. To keep your G Suite environment in good standing, you need to understand how to balance multiple priorities.
Monitor Access to Critical Information
G Suite privileges and roles
G Suite comes with privileges and roles built in for a plug and play SaaS experience. Take the time to understand how pre-built G Suite admin roles will work for your company and determine if you need to change the structure to fit your organization.
Remove access once employees leave
This is a given but worth repeating: if employees leave under less-than-ideal circumstances, some may be tempted to harm your company data. There is no better way to hurt you than by deleting all files over which they have ownership. In the unlikely event a former employee becomes a malicious user, you can’t afford a business interruption. Keep your data secure and protected from internal threats with third-party cloud data protection and strict HR policies that hand document access over before employees leave your organization.
Protect Your Data
As Google suggests on their G Suite new admin guide, you need to keep your data secure through two-factor authentication. In addition, it’s worthwhile to back up your data with a third-party data security platform that can guarantee a fast RTO (Recovery Time Objective).
Keep Tabs on Third-Party Apps
Third-party apps can (and do) claim data security best practices all day long. Unless you have a way to test that the third-party applications you allow access to your data have the same stringent data protection policies in place as you do, you’re putting your company data at risk.
Common third-party app risks
- Malware: Companies cannot risk critical information being shared or data integrity challenged because of an integration with a really cool sales tool–it’s not worth the risk
- Ransomware: Some apparent third-party apps are imitating legitimate apps only to infect your cloud data with ransomware to gain information or Bitcoins
- Unintended access to sensitive information: Did you save a critical, confidential company report in the wrong folder? You may have inadvertently given a third-party app access to intellectual property
Understand the Worst Threats for G Suite Users
Your data is still not 100 percent safe from malware, ransomware attacks, and internal threats–even from employees you’d never suspect would harm your data. In fact, one of the worst threats to your G Suite data is accidental deletion by well-meaning users.
Here are the top threats to your Google cloud data:
- Accidental deletion: Once an owner of a file deletes said file in Google Drive, it is gone baby gone with no help from Google
- Phishing attacks: Phishing attacks occur when a malicious entity sends your teammates emails from a false address that looks legitimate (impersonating a vendor or colleague) and ask for them to download something or click on a link, which infects their computer and all connected data with a virus. Read this article to learn how to spot phishing attacks before your company’s data falls victim
- Whaling attacks: Whaling attacks are usually more sophisticated, harder to spot, and better planned. Sometimes hackers will send whaling grooming emails (acting as a networking contact or other seemingly legitimate sender) over a period of weeks before sending anything malicious. Read our email security tips for IT admins to arm yourself with the most current information
- Third-party apps: As mentioned above, these apps are not always the app you thought they were or a legitimate app isn’t doing their due diligence to protect their users’ (your) data–you should be aware of and protect against these risks
Train Users on Best Practices
Whether it’s how to maintain file permissions to folders or how to spot phishing emails, your G Suite users play a major role in data protection too.
Some ways to train users on G Suite data best practices include:
- Lunch and Learn events: Talking about email security in a conference room may send many of your less-tech-savvy users into a catatonic state. Incentivize your G Suite users to learn about data security practices with a free lunch and learn event.
- Show and tell: Offer one-on-one or small group training where your G Suite users can see exactly how it’s done, one topic at a time, so your team is not inundated with information they won’t retain or use.
- Make it mandatory: Getting buy-in from the top is a key ingredient to enforcing Google cloud data security practices. Show your CTO or CEO the cost of business data retention to make the ROI of data backup and security investment clear.
The foundation of G Suite admin success is secure data. Keep your organizations’ G Suite cloud data safe with Backupify today.