In just a decade, Google has managed to bring in 500 million users with Gmail, making it one of the world’s largest email service providers. While Google offers best-in-class security and privacy controls, there are still some steps you should take, to ensure that your private data doesn’t fall into the wrong hands anytime soon. Here are 5 steps you can take to secure Gmail:
1. Complete the Gmail security checklist.
For starters, Google provides an easy checklist of steps you should take to secure Gmail. Some of the more interesting steps take advantage of some features that most users don’t know about, such as the ability to see the IP addresses (and locations) of the last people to access your account, enabling you to see when an unauthorized user is snooping around your inbox.
Others, however, focus more on preventing your system (or device) from being compromised, urging users to adopt best security practices, such as using an anti-malware scanner and making sure your operating system is up to date.
2. Choose safe email passwords.
By now, you should know that “12345” isn’t an acceptable password, but do you know what really makes a secure password? It’s not enough to just use a few numbers or characters, or to make something really long — you’ve got to get creative.
For starters, passwords should never be only in lower or uppercase. Ideally, a password should jump between both in a seemingly random way. Special characters are also a good idea, as are numbers. Yet, a string of 8-10 random letters still won’t be as secure as a long multi-word phrase.
Gmail allows you to use up to 200 characters for your password, meaning that this entire sentence could potentially be a password. Now, while you’re unlikely to create a password that long, a strong password has at least 16 characters (and preferably over 32).
3.Turn on 2-Step Verification.
While a strong password is important, it should never be the only line of defense for your inbox. When you enable 2-Step Verification, anyone attempting to log in to your account will need a special code sent to your phone in addition to your password to gain access to your account.
2-Step Verification requires hackers to know your password and be physically holding your computer or mobile device to gain access to your account. Although it doesn’t protect your email in transit, it does help secure Gmail from unauthorized logins — a huge bonus for protecting the contents of your emails.
4. Recognize and avoid phishing attempts.
Phishing is the practice of sending fraudulent emails to individuals in a ploy to get them to send sensitive information to attackers. In 2013 alone phishing scams were estimated to cause over $5.9 billion dollars in damages.
Don’t want to fall prey to a phishing attack? Whenever you are sent an email that requests your information, don’t click any links in the email itself. Instead, navigate to that company’s website and directly log in to your account there.
It’s also a good idea to beware of red flags, such as legal threats and misspelled words. Finally, if you ever feel the slightest suspicion about the nature of an email, simply call up the company (or organization) that claims to have sent it and ask for yourself.
5. Encrypt your Gmail emails.
Encryption protects your inbox by making the contents of your emails unreadable without a special key. This is the one tool that protects your messages while they’re in transit, so even if an email is intercepted, your information is safe.
While Gmail now encrypts email over their network, their encryption only protects data that is on their servers – not while it is bouncing around on other servers on the Internet, meaning that your data is still vulnerable unless you adopt a solution that provides client-side encryption. Unfortunately, most methods, such as PGP and S/MIME, are complicated to setup and impossible to use without first exchanging keys or certificates with whoever it is you’re trying to send email to.
Virtru: Secure Gmail Encryption
While complicated passwords and multi-step authentication are important, encryption is the cornerstone of any secure Gmail inbox. Virtru enables true client-side encryption using just a plugin. It’s not just for Gmail, either, as Virtru works with Outlook, meaning that you don’t have to worry about compatibility issues when you’re sending email to someone outside of Google’s massive email empire.