With working from home currently being the way the world is doing business, cybersecurity concerns have more critical than ever. Hacking is on the rise, with experts reporting over 4,000 cyber attacks every day in August of 2020. Bad actors are taking advantage of current remote working situations and the lax security that often comes with these arrangements, allowing them to access and exploit data much more quickly than they would have been able to pre covid.
Cybersecurity should be a vital concern of any business, allowing you to keep customer data secure at all times and significantly reducing the risk of a crippling cyberattack. One of the best places to start your new cybersecurity regimen is your Google account. We highly recommended all users take a look, regardless of experience or comfort level, making it the perfect way to dip your toes into the world of cybersecurity.
Perform regular security checkups and check for suspicious activity
Google has made it extremely easy for all users, not just admins, to check their account status with Security Checkup. It provides simple to understand info on compromised passwords, devices with access to the Google account, recent security events, third-party access to your data, and sensitive Gmail settings. This is a great place for you to start your security makeover, letting you get an immediate handle on everything going on with your Google account in one handy hub.
From there, you can move on to checking for recent activity that Google has deemed suspicious. You can do this through the Security Checkup menu by clicking on "Recent Security Events", which allows you to check up on recent events and devices which may have triggered Google's "suspicious" label. You can also check this in your Gmail inbox by scrolling to the bottom of your inbox and selecting "Details" under "Last account activity". This will present you with a list of recent account activities, including the location of sessions, access types, and when the session took place. Once you've ensured that everything looks healthy, you can move on to more severe measures.
Now is the time to turn on 2-Step Verification
One of the best ways to prevent hackers from accessing your Google account is to turn on Google's 2-Step Verification (2SV) feature. Even when passwords are obtained, 2SV will keep them from actually accessing your account. Each time your password is used on a new device, you can choose to receive a Google prompt, a voice or text message sent to your mobile device, a one-time backup code, an authenticator app, and even a physical USB security key for added peace of mind. Be sure to list two methods as you'll get cautioned by Google in your Security Checkup to include two.
2-Step Verification can be enforced by Google admins, but it's highly recommended for all Google accounts to turn it on before enforcement is needed - doing so will save your account from becoming compromised, keeping sensitive data out of the hands of bad actors. All it takes is a few minutes of your time in exchange for complete peace of mind about your account's security.
Get serious about your password strength
Getting serious about passwords is something that will prevent your account from becoming compromised in the future - you should always make sure that you have strong passwords, preferably those generated by a password manager. While these might be too long and complicated to remember, they'll keep your accounts secure and make cracking them far more difficult. Write down your passwords the old fashioned way with a pen and pad or use a password manager like LastPass to track unique passwords. Storing your passwords in a physical notebook, which you keep locked in your desk, is the best way to stay secure - anything digital could potentially be compromised.
Google Admins can enforce password strength guidelines across your organization, but it's highly recommended that all users take the initiative and create their own unique, strong passwords. Doing this gets you into the practice of maintaining strong account security and frees up your IT department to take care of more important tasks. Remember to use your work accounts strictly for work - using these accounts for online shopping or signing up for non-work accounts increases the chances you'll be targeted in the future. As a rule, you should always keep work and personal accounts separated - even if you own the business.
The reality is that without constant reminders, it can be difficult for business owners, senior management, and IT departments to enforce cybersecurity guidelines for their workforce. If you need help handling Google account security and implementing additional advanced cybersecurity measures, consider turning to a company like UpCurve Cloud.
We've been a trusted Google Cloud Premier Partner for decades, working with businesses around the world to implement and maintain strict cybersecurity measures that keep your account locked down and your sensitive data safe and secure. To get started on locking down your business's Google accounts, get in touch with one of our dedicated Google Certified security engineers today.
Contact Us to Learn More about Transforming Your Business