Protecting Your Google Workspace Business Accounts

Introduction

In the digital era, safeguarding business accounts is akin to fortifying a castle. With hackers constantly devising new siege tactics, it's vital to reinforce the walls of your business's digital fortress. This guide will offer clear, practical steps to enhance the security of your company's accounts.

Table of Contents

1. Unique Passwords: Your First Line of Defense

2. Two-Step Verification: The Security Checkpoint

3. Recovery Information: Your Safety Net

4. Backup Codes: The Emergency Escape Plan

5. Multiple Super Admin Accounts: Diversifying Command

6. Preparedness for Super Admin Password Reset

7. Super Admin Sign-in Practices: Avoiding Unnecessary Risks

8. Auto-Update: The Self-Updating Shield

9. Enhanced Email Scanning: The Digital Sentry

10. Malicious File and Link Screening

11. Preventing Your Emails from Being Marked as Spam

12. Restricting Calendar Sharing

13. Controlling File Visibility and Sharing

14. Tools and Services to Enhance your Capabilities

1. Unique Passwords: Your First Line of Defense

Think of a password as the key to your digital kingdom. Unique, complex passwords are like having a custom-made, unreplicable key. Avoid reusing passwords across different realms, like email and banking. It's like ensuring each door in your castle has a different, secure lock.

Create a strong password & a more secure account

2. Two-Step Verification: The Security Checkpoint

Two-Step Verification (2SV) acts like a vigilant guard who double-checks everyone's identity. Even if a rogue agent steals your key (password), they can't get past this guard without the second form of identification, like a physical token or a code sent to your phone.

Protect your business with 2-Step Verification | Deploy 2-Step verification

3. Recovery Information: Your Safety Net

Adding recovery information to admin accounts is akin to having a backup plan when you lose the keys to your castle. It ensures that if an admin forgets their password, they can easily regain access through alternative means like a phone or an email.

Add recovery options to your administrator account

4. Backup Codes: The Emergency Escape Plan

In scenarios where 2SV methods are inaccessible, backup codes act like hidden passageways out of a locked room. Admins and users should generate these codes and keep them securely, like treasure maps hidden away from prying eyes.

Generate and print backup codes

5. Multiple Super Admin Accounts: Diversifying Command

Having more than one super admin account is like appointing multiple trusted knights to guard your kingdom. This way, if one knight falls, another can take charge, ensuring uninterrupted governance and security.

Assign administrator roles to a user

6. Preparedness for Super Admin Password Reset

Sometimes, even the mightiest knights forget their keys. In such cases, it's essential to have all the necessary information and credentials handy to prove your identity to the kingdom's allies (like Google Support) and regain access.

Security best practices for administrator accounts

7. Super Admin Sign-in Practices: Avoiding Unnecessary Risks

Super admins, holding immense power, should avoid staying continuously signed in. It's akin to a king not wearing his crown in public to avoid drawing unnecessary attention and risk.

Pre-built administrator roles  | Security best practices for administrator accounts

8. Auto-Update: The Self-Updating Shield

Keeping apps and browsers auto-updated is like having armor that self-repairs and improves over time, staying ahead of attackers' weapons.

Auto-update policies

9. Enhanced Email Scanning: The Digital Sentry

Activating enhanced pre-delivery message scanning in Gmail is like having a sharp-eyed sentry who scrutinizes every messenger (email) for disguised threats, ensuring the safety of your court.

Help prevent phishing with pre-delivery message scanning

10. Malicious File and Link Screening

This feature in Gmail is like having a sage advisor who examines every scroll (attachment) and visitor (link) for curses (malware) before allowing them into your castle.

Advanced phishing and malware protection

11. Preventing Your Emails from Being Marked as Spam

Setting up SPF for your domain is like having a herald who announces your messengers, ensuring they are recognized and welcomed in other kingdoms (inboxes) rather than turned away as imposters (spam).

Authorize email senders with SPF

12. Restricting Calendar Sharing

Limiting calendar sharing is like keeping your kingdom's schedule and plans confidential, only revealing what is necessary to allies.

Set calendar visibility and sharing options

13. Controlling File Visibility and Sharing

Ensuring that only the creator of a document can share it is like having a seal on a scroll that only the author can break. This prevents unintended eyes from viewing sensitive information.

Set the default for link sharing

14. Warn Users about External Sharing

If you let users share files with external people, make sure they get a warning when they attempt to do this. The warning prompts them to confirm that they want to share the file with someone outside of your company.

Don't let users in your organization share with anyone

15. Tools and Services to Enhance your Capabilities

We offer a range of services to enhance your security posture. API-based email security, Drive compliance management, backup and restoration, password management, and much more.

Conclusion

As LeewardCloud.io champions 'safety by nature', we understand that securing your business's digital assets is not a one-time task but a fundamental aspect of your operations. This approach ensures your business is naturally equipped to handle digital threats, fostering a secure and prosperous business environment.