Long gone are the days of yelling “D’oh!” because you forgot to save a document, thanks to online word processors and spreadsheets from Google. But it’s also easy to get complacent and fall prey to G Suite vulnerabilities.
You probably heard about the major phishing scam Google Docs was hit with in May 2017. Google quickly released new security features to end G Suite vulnerabilities. The breach was caused by a malicious app using Google sign-in, but there’s good news: External apps that ask for customers’ data are now more intensely scrutinized (whatever that means).
Anti-phishing measures from Google aren’t new. G Suite already boasts email attachment scanning, Safe Browsing, machine learning-based detection, and extra security measures for suspicious-looking logins. But despite Google’s responsiveness, G Suite vulnerabilities are still a popular threat vector, and both IT admins and users have to stay on their toes.
Third party apps and add-ons
May’s phishing scam via Google Docs was caused by a third-party app taking advantage of Google Sign-In. Add-ons and apps add functionality and boost productivity, but they’re big culprits for creating security holes. To work, they need access to Google accounts, as well as the abilities to edit or delete data and send emails on behalf of users, who can easily install these extras themselves. Be vigilant: Take advantage of the third-party app audit feature in the G Suite cybersecurity service that spots risky apps, and don’t be afraid to bonk permissions with a mallet. Users may complain, but put your foot down.
The features that improve collaboration are the ones most likely to open G Suite up to threats. You’ve probably felt your face go hot upon emailing a document to the wrong person. But there’s more for you to cringe about: You can also share a Google Doc with the wrong user. It’s not the end of the world if it’s to a coworker, but watch out for disgruntled employees exposing proprietary data to an outsider. Luckily, you can put controls in place to govern file sharing, like limiting permissions to read-only. Be sure to take advantage of the admin tools available to audit user behaviour and flag unauthorized sharing.
Unauthorized data access
Not only does accidental file sharing often put data in the wrong hands, but the convenience of the cloud can also lead to unauthorized access through poor password security, stolen credentials, malicious hacking, and stolen devices left logged in. Unauthorized access is one of the more dangerous G Suite vulnerabilities. Once a threat actor is through the door, they can wreak havoc before you even detect them.
Avoid these data breaches by (you guessed it) requiring strong passwords and teaching your users to recognize persistent threats, like phishing scams. Reinforce these best practices by using third-party monitoring tools to spot suspicious activity before it becomes a problem.
You don’t need to worry about constantly hitting Ctrl+S to make sure your latest and greatest version is kept, but other user errors can lead to data loss. In Google Docs, if a file is deleted in one location, it’s deleted everywhere. G Suite does feature a file recovery option, but it’s for a limited window, so a third-party cloud backup tool is essential. It’s inevitable that a user will call you in a panic because they’ve lost a critical file on a deadline. Back up those files, and you’ll be their hero.
Ransomware is now the most persistent threat to organizations around the world. Cloud services are a prime target, including those offered by Google. Reduce the risk of hackers holding your data hostage by teaching your users to spot suspicious emails. And always be sure to patch. Make sure your organization’s software updates are dutifully and immediately applied. If worse comes to worst, you can restore “kidnapped” data through a backup snapshot.
G Suite vulnerabilities demand vigilance
Despite Google’s response to May’s phishing scam with an OAuth apps whitelisting feature—which enables admins to vet third-party apps that tap into user accounts—G Suite vulnerabilities aren’t going anywhere. Threat actors will persist in finding paths to compromise customer data and users will have unfortunate accidents, so it’s up to you to be the first line of defence.
But at least you don’t have to hit Ctrl+S every couple minutes.