Cloud Computing

Google Drive Security Best Practices

20 February, 2019

While people tend to compare file storage service Google Drive to its biggest competitor, Dropbox, there’s a good argument to be made that the two platforms serve fundamentally different markets. Google Drive has tons of special appeal to enterprise clients: It’s great for collaboration, offers 15 GB of free storage, and allows access to the entire G Suite ecosystem of apps. But none of Google Drive’s features will do much good if enterprises aren’t able to secure what they store on it.

Businesses are responsible not only for their organization’s data, but for that of their employees and customers. That means that your clients should understand Google Drive security best practices inside and out if they’re going to make use of the platform’s considerable advantages. In this blog post, we’ll go over some common G Suite security concerns and explain what you can do to make your clients’ data less vulnerable.

What are some email security issues?

Some of the most widespread and financially damaging forms of cybercrime today take place over email, underlining the importance of G Suite email security. Phishing and pharming are two of the more common types of email scams that businesses have to be on the lookout for. While they are fairly similar, it’s helpful to understand the difference so you know what to look for when seeking out potential threats to the security of your Gmail account. Unlike other hacking approaches, phishing and pharming can typically be warded off through reliance on basic security best practices.

Phishing is the use of deceptive tactics to get an email recipient to reveal sensitive information to a hacker. An employee might receive an email that appears to come from your HR department. The email provides a link to what it says is your company’s new vacation policy. When the employee clicks on the link, they are asked to enter their G Suite credentials in order to see the document. But once they do, the employee reaches a dead end—the page they signed into was a “spoofed” page designed by a hacker to look just like Google’s sign-in page, allowing the hacker to phish your employee’s credentials and gain access to all the files in your Drive.

Pharming, by contrast, doesn’t depend on someone clicking on a deceptive link that directs to a spoofed page. It involves the hijacking of legitimate domains so that you’re redirected to web pages fabricated by the hacker, even if you typed in the URL to the legitimate domain. These attacks can only be stopped with careful attention to detail—users must always be on the lookout for websites that look suspiciously different than they did during previous visits. In the case of phishing attacks, you can identify potential threats by noting modified URLs or watching for strange language or requests coming from entities you’d otherwise trust.

Is Google Drive data encrypted?

In some cases, it’s not enough to simply take special care when entering sensitive information online—and many threats require strong data encryption to ward off these attacks. Luckily, Google Drive does offer 256-bit SSL/TLS encryption for files in motion and 128-bit AES keys for everything else, as well as two-step verification.

That said, Google Drive has seen its share of security vulnerabilities exploited. Hackers have taken advantage of weak servers that don’t support Google’s version of encryption, and security experts note that a man-in-the-cloud attack could be used to bypass encryption altogether by stealing a user’s synchronization code.

All this goes to show that while Google’s encryption is important, it’s best to add your own layer of third-party encryption to strengthen your defenses against clever attacks like these.

Is my email server secure?

As part of G Suite security best practices, Gmail servers are protected by data encryption and by two-factor verification. But that’s not all you can do to make sure an enterprise’s email systems aren’t compromised. If you have Google Drive security concerns, implementing some or all of the following measures can make the difference in safeguarding an organization’s sensitive information:

Access control: You can control user permissions so that employees only get access to the files they absolutely need in order to do their jobs. The less accessible data is to employees, the less accessible it is to hackers trying to steal it from them.
Firewall: A strong firewall will help ensure that only authorized users gain access to the network and prevent outside parties from gaining access to systems that contain protected data.
Intrusion detection: Enterprises have access to plenty of tools—such as unified threat management solutions—that can alert them in the event that a system is compromised, making it far more likely that the damage can be contained.
Antivirus software: Every device on an enterprise network should have some kind of antivirus running to detect potentially harmful websites and prevent malware from being downloaded.
Limit connections to your server: To avoid Distributed Denial of Service (DDoS) attacks, try to keep the number of devices that can connect to your SMTP server to a minimum.
Activate Reverse DNS: Reverse DNS Lookup verifies the IP address of every email’s sender, effectively blocking any emails that come from people looking to hide or spoof their identity.

Google Drive and Gmail have clear advantages for enterprise users—now, armed with the right information, you can enjoy these benefits secure in the knowledge that your intellectual property, as well as the personal data of your employees and customers, is safe from outside threats.