echo ''

Virtru Security Insights

Join 10,000+ Security Professionals Who Receive Our Content Every Month

3 Google Apps Security Settings That Can Protect Your Data

November 25, 2015

Think locking down Google Apps for Work (now known as G Suite) requires a large IT security team and extensive know-how? Think again! Google Apps security settings allow a single admin to protect your organization’s domain from hackers and internal leaks. Here are 3 basic settings to strengthen the security of any organization using Apps:

1. Require Strong Passwords

Weak or exposed passwords are a major security liability. Users can inadvertently let hackers in by storing passwords on a computer, or choosing passwords that are too short or too easy to guess. Fortunately, there are Google Apps security settings that can force users to make strong passwords, and then protect them even if those passwords are compromised.

First, set user password length requirements by clicking Security > Basic settings from the admin dashboard. Set the minimum and maximum length in the “Password strength” section. The longer a password is, the harder it is to guess. Set the minimum length to at least 12 characters, and instruct users to make password strings using uppercase and lowercase letters, numbers, and at least one other character.

Next, setup 2-step verification requirements for all users. This will force users to enter a short, numeric code that will be texted to them every time they log in. That way, even if a hacker steals an employee’s password, they won’t be able to crack their account without their phone.

You’ll find the “2-Step Verification” box under Security > Basic settings. Click “Allow users to turn on 2-factor authentication.” Send users to the 2-Step Verification page, which will guide them through setup. Once everyone has set it up, enforce it; click Reports > Security, and look through the list of users to make sure all of them are enrolled. Finally, go to Security > Basic settings > Enforce 2-Step Verification on users, and select “Turn on enforcement.”

2. Restrict User Permissions

Good password policy makes it difficult for hackers to get in, but not impossible. Additionally, it doesn’t stop malicious (or clumsy) insiders from damaging or leaking your organization’s data. Fortunately, Google Apps security settings can restrict user access, limiting the amount of damage an individual account can do.

First, group users by what tools they need. If your organization uses Google Sites, for example, there are probably only a few people who need to be able to access it. Similarly, you may want to restrict access to Google Sheets to financial and administrative users.

Now, create some organizational units. From the Admin console, click “Users,” followed by the symbol that looks like an inverted triangle. Then, click the symbol that looks like three dots in a vertical line, and select “Add Sub Organization.” Finally, add a name and description, and position the group hierarchically. For example, if you have a unit for marketing, and sub-units for content marketing and traditional marketing, put the sub-units below marketing.

Next, use the following link to find the Google Apps services that need restricted access. Click “On for Some Organizations,” and select which organizations should have access to each service. Finally, click and drag each user into the correct organizational unit.

3. Automatically Encrypt Email

Google has a built-in encryption protocol called TLS, which it tries to use whenever it sends emails. If the recipient’s server doesn’t support TLS, however, Google will send the message unencrypted, which could allow hackers or government surveillance to read it. Requiring TLS in the Google Apps security settings protects email by preventing Gmail from sending or receiving messages that aren’t encrypted.

Unfortunately, this could prevent your users from communicating with people on certain domains, and it isn’t an absolutely foolproof way to protect emails. Because TLS relies on servers for encryption, it has vulnerabilities in certain scenarios. If a server has been compromised or supports an outdated version of TLS, a hacker could read your email without your knowledge.

That’s why Virtru’s data-centric encryption works with Gmail to make it strong, providing more protection than TLS alone. Clicking Virtru’s blue “V” automatically encrypts your message with military-grade cryptography. Each message stays encrypted until it reaches your recipient’s computer, making it invulnerable to attacks that can compromise TLS. Add Virtru DLP, and you’ll be able to mandate encryption throughout your organization, making all employee emails hacker-proof.

Enhance Your Google Apps Security Settings with Military-Grade Encryption

Google Apps security and privacy controls give you the power to protect your organization from outside hackers and insider threats. Although Google’s encryption is up to Internet standards, you can never do too much to protect yourself and your company. Virtru secure email complements your Google Apps security settings with virtually unbreakable, data-centric encryption. Add Virtru Google Apps encryption to protect all your apps’ data. Add Virtru DLP to ensure employee mistakes never sabotage your security. Get Virtru to keep your business safe in the cloud.