Is G Suite secure?

 
 

Are you working to embrace modern, secure cloud-based services like G Suite? Let us help! Google incentivizes us to help organizations of all shapes and sizes so we're often able to assist at not cost to you.

Is G Suite Secure? 

Traditionally only the world's wealthiest organizations had access to state of the art security. Not anymore. The short answer is, "Yes, G Suite absolutely crushes the security of the legacy platform you have now." A closet, even a big one, is not a data center. This is a data center. When you leverage G Suite, several of these facilities are powering your services. 

This video tour of a Google data center highlights the security and data protections that are in place at our data centers.

How to make G Suite more secure

Google provides a range of security features for G Suite Administrators. We recommend the following. 

Enable 2-Step Verification

g_suite_is_secure.png

Most people only have one layer – their password – to protect their Google account. With 2-Step Verification, if a bad guy hacks your password, he'll still need your phone or Security Key to get into your account. Administrators can enforce 2-Step Verification policies across Users and Organizational Units. 

Disable IMAP & POP access

Data Loss Prevention (DLP) is a popular compliance topic. It's also an important security topic. You can only protect what you can see and control. Post Office Protocol (POP) and Internet Message Access Protocol (IMAP) are 30+ years old. It's time to say goodbye. IMAP is like giving every employee (or anyone with access to employee credentials) a fleet of giant data dump trucks they can fill up and leave wherever they please. These trucks aren't just on loan either. IMAP allows someone to take everything out of your system. Once it's out, it's gone. "We fired an employee, please change their pw asap!" ... if they configured IMAP on a personal computer, all their email is going with them. IMAP is still a very handy technology for many use cases, you can control this setting by Organizational Unit should you have a mail-enabled application or other need to support the IMAP protocol. 

Disable Automatic Forwarding

This creates a very similar situation to allowing IMAP access. Rather than a giant data dump, automatic forwarding is a constant stream. Data comes in and simultaneously goes out. Not good. Turn it off. Situations requiring Forwarding can be addresses via your G Suite Control Panel. This can also be managed at the Organizational Unit level. 

Deploy Mobile Device Management

can_g_suite_manage_mobile_devices.png

Yes, adding Mobile Device Management (MDM) to your G Suite Admin Control Console costs a small fortune. But you can't put a price on security! ...oh wait, Mobile Device Management is already included and ready to go at no extra cost. The last remaining reason to delay MDM deployment, complexity, is now gone as well. Google's MDM now supports Basic Mobile Device Management via an agentless setup for Android and iOS. The User doesn't have to do or install anything! When Basic Mobile Management is enabled, admins can:

  • Enforce a device screen lock.
  • Wipe a corporate account (but not the entire device).
  • View, search, and manage their device inventory.

Deploy Chrome OS Devices

Chrome OS closes off the most entry points for viruses and malware. You can’t install traditional programs at all, the browser and individual pages run locked inside “sandboxed” areas of memory. Every time the Chromebook starts up, it does a self-check called "Verified Boot." If it detects that the system has been tampered with or corrupted in any way, typically it will repair itself without any effort, taking the Chromebook back to an operating system that’s as good as new. When using web apps on a Chromebook, all important data is stored safely in the cloud. Certain kinds of files, like downloads, cookies, and browser cache files, may still be present on the computer. The Chromebook encrypts this data using tamper-resistant hardware, making it very difficult for anyone to access those files.

Chrome OS also downloads and installs its own security updates automatically. And since it stores your data online, even if you lent your device to Starman, all your data is safe and sound. 

Best of all, you can control all your devices from the web

Work with a Partner! 

Are you working to embrace modern, secure cloud-based services like G Suite? Let us help! Google incentivizes us to help organizations of all shapes and sizes so we're often able to assist at not cost to you. This is all we do, all day long. Better, faster, stronger. That's our business.