The good news is that your company switched to Google Apps and Google provides several essential pieces of security to ensure the data you store there is safe. The not quite so good news…for some organizations, data protection gaps remain and Google may not address business needs previously met by traditional on-premise systems. If you care about the security of your data (and we think you do), it’s time for the ultimate Google Apps security plan. Below are three specific security areas you need to consider along with actual technology suggestions for each.

1. Enhance Email Security

What Google Does:

By default, Google relies on several tools to secure email. Google secures the connection to Gmail from your browser (i.e., “https://”), and also enables forward secrecy. Google encrypts messages as they move between Google servers. Gmail exchanged among Google Apps and Gmail users remains protected, as are messages exchanged with email providers that support TLS (transport layer security). These measures provide many organizations a previously unachievable level of email security.

Google, in partnership with Zix, offers the Google Apps Message Encryption service. The service routes email securely via Zix. The sender triggers this routing with a keyword in the email subject line, such as “Encrypt”. Recipients access messages in one of three ways: transparently, if their organization uses a ZixGateway; by logging into ZixPort, a web-based portal; or, by unlocking the email with a password, with ZixDirect.

However, a major security concern remains: Google and/or Zix hold the encryption keys. For optimal security, only the user—or an enterprise—would have access to encryption keys.

Solution to Consider for Encryption:

For an enterprise, CipherCloud’s gateway encrypts data to cloud services, such as Gmail or Salesforce. The gateway encrypts and decrypts traffic between the user and the cloud service, while the encryption keys remain in the organization’s control.

2. Extend Data Recovery

What Google Does:

A Google Apps user may recover some deleted items without help. For example, a user can recover deleted Google Drive files or Gmail from Trash for up to 30 days. Similarly, Contacts may be reset to as they existed at any point in the prior 30 days. After 30 days, Google deletes items in Trash automatically. Google allows an administrator to restore a person’s Google Drive files for up to 25 days after the file has been deleted from Trash.

But not all items may be recovered. Google does not retain Calendar items in Trash, they’re deleted immediately. Outside of the 30 day window, deleted email and contacts are not recoverable.

Solution to Consider for a Secure, Second Copy of your Data:

Backupify securely and automatically backs up your Google Apps data so that data in Gmail, Calendars, Drive (you get the idea) can be restored in seconds.

3. Lock-down Document Security

What Google Does:

Google Apps gives administrators and users control of file and folder permissions. A person may share a file either by sending it as an email attachment, or by sharing access to the document. Access options allow a document owner to publish a document to the web, or require authentication to view. Your Google Apps administrator controls whether files may be stored offline or synced to local systems.

Google encrypts all Drive files. The company enforces a secure connection from your browser to Google Drive. Files are encrypted when stored on Google’s servers, and when conveyed between Google’s data centers.

Drive document audit options range from simple to complex. Google Apps reports the total number of files shared by each user, but no details. Google Apps Unlimited creates a log entry every time people create, modify, or share documents

Solution to Consider to Improve Cloud Document Security and Audit Options:

CloudLock helps identify when people share PII (personally identifiable information), PCI (payment card information) or other sensitive information in documents. People may be prompted to remove, restrict sharing, or to password protect (and encrypt) each identified

Need more details on how your company can build a comprehensive Google Apps security plan? Download the eBook The Complete Guide to Google Apps Security and learn!