Project Description

📖 4 mins read

Hybrid and Remote Work Security in Google Workspace: Planning for the future

Over the past months we’ve been reading the news headlines. One company after another going either fully hybrid, or remote.

Meanwhile, other companies face challenges getting employees back to the office as workers resist reverting to pre-pandemic work patterns.

According to Accenture, up to 83% of employees think a hybrid work model is currently the best option to strike the right balance and retain remote work privileges.

Today, whatever your company’s post-pandemic workplace vision may be, it’s important to stay well-placed to deal with the new world of hybrid and remote work.

‘’63% of high-growth companies have hybrid work models’’Forbes

In this post we’ll explore hybrid/ remote work security in Google Workspace, highlighting the main areas admins need to look after. 

So fix yourself a lovely cup of tea and tune in:

1. Google Workspace DLP

Data loss prevention is the first on the list for a reason. It becomes even more of a security priority when you’ve got users working fully (or partially) remotely and mostly collaborating in the cloud.

As a Google Admin, here are a few areas to check: 

I. Google Drive file sharing:

    • Build the right Google Drive structure 
    • Audit, Secure and Analyse Internal file sharing
    • Audit, Secure and Analyse External file sharing

Checkout our 6 Best Google Drive Data Loss Prevention Practices for more on the above.

II. Protect sensitive data: 

Does your organization collect and store Personally Identifiable Information (PII), Protected Health Information (PHI), or payment card information (PCI)? 

If so, you’re likely subject to compliance regulations that require you to protect your customers’ sensitive data. 

That’s why when it comes to Google Workspace you need to ensure that certain access rights are ONLY granted to the right users (pun intended).

A few things you can do:

    • Map the events happening on files with sensitive information. Ensure access to these sensitive files is approved by properly appointed Security Officers within your company.
      (GAT Unlock is currently the ONLY solution in the Google Workspace Marketplace that offers such structured workflow)
    • Check these three reports regularly: Google’s Data Protection Insights reports, File exposure report and DLP incidents report.
    • Set up more granular file sharing policies and alerts (Ex: DLP alerts for anytime a doc. that contains sensitive information is shared outside your domain).
    • Manage ownership of sensitive Drive files wisely. Read more.
    • For incident response you can also set up a DLP alert for whenever sensitive information (SSN, Credit Card #, etc…) is typed, copied or pasted in Google Workspace and the Chrome browser. This will cover your users everywhere they work.

      Blog-Hybrid-and-Remote-Work-security-in-Google-workspace-2

2. Identity and Access Management (IAM)

When it comes to managing hybrid and remote work security, confirming the identity of users accessing your cloud data and computing resources is PIVOTAL — and it begins with:

This dramatically limits the chances of IAM incidents related to remote work and boosts your domain’s remote work security.

Check out our roundup of Zero trust for Remote work security here.

You’ll also want to regularly check these TWO Google reports: Failed device password attempts report  and the Suspicious device activities report.

 

Blog-Hybrid-and-Remote-Work-security-in-Google-workspace

3. Secure Browser Activity

Users accessing malicious or risky websites while logged into company Google Workspace accounts got you worried?

Here’s what you can do to mitigate these risks:

 

4. Conduct Regular domain audits

Regular Google Workspace domain audits are part and parcel of every smart Admin’s workflow, regardless of how or where users work.

  • For hybrid and remote work security in Google Workspace, it’s important to carefully monitor unusual spikes in these areas within your admin console.

  • Set up Scheduled reports — they’re a great way to keep your watchful audit eye on, headache-free.

For example GAT’s scheduled Drive Audit reports help admins streamline Drive tasks without having to keep going back in to check important insights.

 

In our new world of ‘remote everything’ apps have become a huge part of how we work. However, not all apps are built the same or request the same security permissions into your Google Workspace environment.

 

5. Manage Risky Downloads

From the classic phishing attachments in emails to malicious files downloaded from the web, downloads can introduce direct or indirect security hazards into your domain. 

Ideally, as an admin you’ll want to use a tool that enables you to Manage Domain-Wide Download through the browser.

Also, Be Weary of those (.exe files) — .exe files are short for “executable file extensions” and they’re most commonly used on Windows computers to install or run software applications.

The problem with .exe files is that they can contain code or execute arbitrary commands which can then wreak security havoc in your domain — Talk about potentially danger, huh?

You can use a tool like GAT Shield to monitor, block, alert and report on .exe
 file downloads across your domain.

 

6. Invest more in employees’ Cybersecurity Awareness

Saving the best for last? — You bet! Your employees’ cybersecurity awareness will always be your company’s first line of defense.

”1 in 3 employees are likely to fall for a phishing scam” — Knowbe4

That’s why regular ‘bite-sized’ awareness initiatives can work wonders for your remote work security game.

That can be through sending employees regular security reminders on things like:

  • Password security
  • Phishing awareness (Maybe share this post on the 5 Tell-Tale Signs of a Phishing Email with them)
  • Online meetings security (Here’s another post for it ;))
  • Information security (Company Data protection practices, compliance regulations, etc.)
  • Device Security (Locking screens, reporting lost devices immediately, etc.)
  • Public Networks (How to connect to Wi-Fi networks safely)

 

Closing thoughts:

As the world around us continues to change at lightning speed, it’s super important to stay ahead of the curve and secure our users and Google environment against hybrid and remote work threats/ incidents.

That can be achieved via robust auditing, monitoring and powerful security tools that take your domain’s security to the next level. As well as, engaging employees in regular security awareness initiatives.

 

Got any Admin questions about Hybrid and Remote work security in Google Workspace? — Drop us an email on help@gatlabs.com — Our Workspace gurus are always happy to help.

Thanks for sharing and spreading the word!