Business Insights: Data Analytics for Business Insights

Top Tips for Protecting Gmail from Cyberattacks

Written by Nancy Van Delist | Aug 8, 2023 4:00:00 AM

When it comes to safeguarding online privacy, IT departments tend to consider websites, databases, and cloud storage—email is sometimes an afterthought. Email is the gateway to your organization, connecting employees with colleagues, customers, partners and suppliers.

Yet, that gateway—if not properly secured—can give bad actors access to user accounts and personally identifiable information that can lead to cyberattacks, identity theft, bank account fraud and other scams. People have become the primary attack vector for cybercriminals, and business email compromise (BEC) is now the second costliest cyber-complaint.

Once a bad actor has a user’s credentials, they can access that user’s account, including any contacts, apps or services connected to that account. Gmail is protected by one of the world’s most secure cloud infrastructures. But, in order to get all of the benefits of it, you need to make sure your organization has appropriately configured the available features in Gmail to secure your email services and protect your user data.

To help, here are some common questions to help you assess the strength of your Gmail security:

Is the security built into my email platform enough?

Gmail has built-in security that automatically detects and prevents online threats, while encryption keeps data private at rest and in transit. But safeguarding privacy still requires proper configuration of security settings and patching of vulnerabilities to ensure a secure online experience.

How are we managing user passwords?

A password is your first line of defense. Yet weak, default, popular and overused passwords are a major cause of data breaches. In Gmail, admins can enforce the company’s password policy, so users with a non-compliant password are forced to set a new one at their next sign-in.

Admins can also view and manage security settings for users, and force a password change if they suspect a user’s password has been stolen.

How are we protecting passwords from being stolen?

Two-factor authentication can prevent bad actors from accessing a user’s account, even if they have the user’s password. With Gmail, admins can add or remove security keys for multi-factor authentication, or they can enforce it across the organization. They can also get a backup code if a user is locked out.

How are we mitigating phishing attempts?

Gmail blocks more than 99.9% of spam, phishing and malware for personal information protection. But admins can also turn on enhanced pre-delivery message scanning, so if a potential phishing attempt is identified in an email, it will display a warning or move the email to spam. Admins can also turn on additional safety features for links, images and attachments.

Do we have rules around email forwarding?

Forwarding emails can create security vulnerabilities if external recipients are mistakenly forwarded sensitive data, or information spreads beyond its intended recipients. With Gmail's confidential mode, admins can protect users against accidental or unauthorized sharing by removing the option for recipients to forward, copy, download or print their message.

Confidential mode also allows you to set an expiration date for Gmail messages, require a verification code by text to open messages, or revoke message access. However, it doesn’t prevent recipients from taking screenshots of those messages.

How are we protecting managed devices?

Gone are the days of cubicles filled with hardwired CPUs. Employees may be enjoying the new work-from-anywhere lifestyle, but their devices can be a security risk because they aren’t as easily managed or controlled remotely.

In Google Workspace, admins have access to endpoint management to ensure data is secure across mobile devices, laptops, desktops and other endpoints. Admins can review which devices a user is signed into, and can approve, block or unblock a managed device from the admin console. This is important if an employee leaves the organization, loses their device or notices suspicious activity on their account.

Are we protected against spoofing with an aggressive DMARC policy?

DMARCian is a user-friendly tool that allows admins to monitor the sources sending messages from an owned domain to help identify and authenticate legitimate sources. It also allows admins to implement a DMARC policy to monitor, quarantine or reject emails from untrustworthy sources to protect against spoofing.

How secure are my email integrations?

If users are automatically syncing Gmail with Salesforce, HubSpot, Zendesk, MailChimp or other platforms, they should be authenticated on each service to prevent spoofing. This is where a DMARC policy is essential, so SPF (sender policy framework) and DKIM (domain key identified mail) records are able to verify ownership of sending domains.

Should I work with a partner like Pythian to secure Gmail?

As a Google Workspace partner, we know the ins and outs of Gmail security and can ensure you’re using all security settings correctly—and not inadvertently opening the door to risks and threats. We can also make sure you’re taking advantage of all the latest features, tools and capabilities in Gmail.

Our Email Security Deep Dive offering is a fixed-fee service that ensures you’re taking advantage of every security feature available to you in Google Workspace and that all settings have been configured properly.

Our expertise in SPF, DKIM and DMARC applies to any email platform your organization is running, so we’re able to provide consultation and professional services to improve your organization’s email security across platforms.

Ready to get started?

Email us at info@pythian.com to find out how we can help.