This week, we discussed Google Apps for Business and the security that backs it: The facts, myths and features of Google Apps for Business and The steps Google takes to ensure Privacy and Security of your Business Information. In this final part of our series, we are going to explore what additional steps your business or organization can take to further enhance the security.

2-Step Verification

When hackers crack an account, they have easy access to all account data. Two step verification stops hackers in their tracks. Even with compromised passwords, hackers hit a roadblock when 2SV is enabled. Two-factor authentication is a free tool that is built directly in to Google Apps. 2SV requires users to enter a unique access code –received via text, phone call, or back up codes– in addition to their username and password upon signing in to their account. It’s a powerful security measure, yet very simple:

1. Sign in as usual

2. Enter the verification code

Google Apps Administrators can choose to allow users to opt in to 2SV, or require 2SV for users in their domain. For more details, check out our previous blog post, 2-Step Verification for Google Apps.

Chrome Browser

Accessing Google Apps using Chrome browser is recommended not only because it enhances functionality of Google Apps, but also because it keeps you safe. Chrome features built-in malware and phishing protection and updates automatically upon every restart. Since Chrome auto-updates for the latest security fixes, the browser helps protect you from viruses, malware and phishing attacks. Chrome uses Google’s “Safe Browsing” security technology, which ensures that you will receive warnings when visiting any sites that match Chrome’s list of phishing sites and/or sites containing malicious software.

SSL and https

Google Apps Administrators have the power to enable SSL (Secure Socket Layer) connections for an organization, and therefore force HTTPS (Hypertext Transfer Protocol Secure) for users accessing Google services. SSL connections ensure that data like email, chat and web browsing is secure when its transmitted online, and users are less likely to fall victim to hijacking attempts.

What happens when an employee leaves the company?

Google Apps Administrators have access to manage and deprovision each user’s Google Apps account in their domain. After an employee leaves the company, Administrators can reset the user’s password to ensure that sensitive and private company information cannot be accessed and can remain internal. Further, Admins can transfer ownership or export data such as emails, calendars, documents or groups from the employee’s account. After ensuring all data is transferred or exported appropriately, Admins can suspend or delete a user’s account. Check out Dito’s previous blog post, Guide and Best Practices for Google Apps Admins: Deprovision User Accounts for more information.

If you have any questions regarding the information provided in this blog post, feel free to contact us directly, or, leave your comments below.