Many of my customers use Google Apps (now known as G Suite) for their business email, calendar and storage space. G Suite is a pretty secure platform for paid users. However, many times, G Suite users do not take the proper steps to make sure their data is extra secure.
Over the past few years, I have received more and more notifications from customers that their email system was hacked. Below are a few easy-to- follow tips to make sure your organization’s email (on Google) is protected against hacks. Obviously nothing online is 100% secure, but following some of these tips below will really help avoid or mitigate an attack.
Tip #1 Stronger Passwords for Your Staff
Try not to use passwords that are easy to remember. Google will tell you if your password is weak, fair, good or strong. A weak or fair password today is going to be something like, “m@cGeek01” or “Ch@rger$Fan1.” The stronger passwords will be like this: “RruFs9TA6HjGJT.” Those are a royal pain, I know! In order for me to keep track of email passwords like that, I use a password “vault” to help remember these things. Check out: 1Password or Callpod Keeper.
Tip #2: Turn On & Require Two-Step Authentication for Everyone
Two-Step Authentication is a pretty standard practice these days. Financial institutions such as banks, investment firms and credit card companies have been using two-step security for years. If you are unfamiliar with what it is or what it looks like, here is a quick example. When you go to a site to purchase stocks or check out your financial portfolio, chances are two-step authentication is turned on.
When you type in your username, you’ll normally get a text message or phone call with a 6 to 8 digit unique passcode. This passcode normally expires in a few minutes. This helps keep hackers out, because they would need access to your mobile device to get that unique passcode.
Click on the links to learn more about two-step for Google Two Step or to see the steps to turn this feature on. If you are managing the company’s G Suite account, make sure you make this step mandatory for all users. This is especially important if you are using Google Drive to store your important company files. You don’t want a single employee with this feature turned off and a weak password to be the “in” for a hacker and potentially expose your files.
Tip #3: Changing of Passwords and Checking Email Forwarding Features
This last tip applies if you already were hacked or you think you might have been hacked. Two quick things to do (besides following the tips above: turning on 2-Step) is to 1) Change your password and 2) Check your email forwarding features. Make sure the hacker did not setup an email forwarding address. Sometimes a hacker can be tricky by forwarding emails to their account. This will go undetected most of the time.
G Suites: OK to Use or Not OK?
One final comment about this subject. When your account gets hacked, it is normal to have doubts about the online account you are using. If your Gmail is hacked, you might think, “Oh maybe I should be using Microsoft instead?” If you are using Dropbox for file storage and get hacked, you might think it is time to look for another platform. Don’t let hackers win! Those creeps are always looking for ways to access accounts. All online suites or cloud software are not hacker proof. Just about everything created today has limits and is potentially vulnerable. Remember, back in the day before computer hacking was a normal thing, we had to protect our data from physical thieves, fire or acts of God.
So don’t panic! Take these steps NOW to help protect your company’s email and file system! If you get stuck or have a question, let me know.