Hybrid and Remote Work Security in Google Workspace: The Admin’s Blueprint

How to plan your future remote work security in Google Workspace?

Over the past months, we’ve been reading the news headlines. One company after another going either fully hybrid or remote.

Meanwhile, other companies face challenges getting employees back to the office as workers resist reverting to pre-pandemic work patterns.

According to Accenture, up to 83% of employees think a hybrid work model is currently the best option to strike the right balance and retain remote work privileges.‘

’63% of high-growth companies have hybrid work models’’ – Forbes

Today, whatever your company’s post-pandemic workplace vision may be, it’s important to stay well-placed to deal with the new world of hybrid and remote work.

In this post we’ll explore hybrid/ remote work security in Google Workspace, highlighting the 6 main areas admins need to focus on.

Hybrid and Remote Work Security in Google Workspace: Planning for the Future

 

1. Google Workspace Data Loss Prevention (DLP)

Data loss prevention is the first on the list for a reason; it becomes even more of a security priority when you’ve got users working fully (or partially) remotely and mostly collaborating in the cloud.

As a Google Admin, here are a few things to check: 

I. Google Drive file sharing:

• Build the right Google Drive structure 
• Audit, Secure, and Analyse Internal file sharing
• Audit, Secure, and Analyse External file sharing

Check out our 6 Best Google Drive Data Loss Prevention Practices for more on the above.

II. Protect sensitive Drive data: 

Does your organization collect and store Personally Identifiable Information (PII), Protected Health Information (PHI), or payment card information (PCI)? 

If so, you’re likely subject to data compliance regulations that require you to protect your customers’ sensitive data. 

That’s why you need to ensure that certain access rights are ONLY granted to the right users (pun intended)across your domain.

Here are a few things you can do:

• Map the events happening on files containing sensitive information.
• Ensure access to these sensitive files is approved by properly appointed Security Officers within your company.
  (GAT Unlock is currently the ONLY solution in the Google Workspace Marketplace that offers such structured workflow)
• THREE reports to check regularly: Google’s Data Protection Insights reports, File exposure report, and DLP incidents report.
• Set up granular file-sharing policies and alerts (Ex: DLP alerts for anytime a doc. that contains sensitive information is shared outside your domain).
• Manage ownership of sensitive Drive files wisely.

For incident response, you can also set up a DLP alert for whenever sensitive information (SSNs, Credit Card #, etc…) is typed, copied, or pasted in Google Workspace and the Chrome browser. This will cover your users everywhere they work.

Check out our blog 6 Ways to Improve HR Data Privacy Compliance in Google Workspace.

 

2. Secure Identity and Access Management (IAM)

When it comes to managing hybrid and remote work security, confirming the identity of users accessing your cloud data and computing resources is PIVOTAL — and it begins with:

• Enforcing 2-Step Verification for admin accounts and key users who work with sensitive data.
• Consider Zero trust authentication to make the user identity verification process constant, rather than a single event at login. This dramatically limits the chances of IAM incidents related to remote work.

• Checking Google’s user login attempts report regularly.
• Monitoring log-ins from abroad —If you’ve got employees working remotely from abroad, you need to stay alert on suspicious logins from ‘unexpected’ areas since it’s one of the tell-tale signs of a compromised Google Workspace account.
• Mapping Employee Devices — Make sure to secure corporate access on personal devices. 

Check out our roundup of Zero trust for Remote work security here.

You’ll also want to regularly check these TWO Google reports: Failed device password attempts to report and the Suspicious device activities report.

 

3. Secure Chrome Browser Activity

Users accessing malicious or risky websites while logged into company Google Workspace accounts got you worried?

Here’s what you can do to mitigate these risks:

• Block site categories for users across multiple OUs — Control which websites users can access. Block any website or category of websites you deem risky or irrelevant, or even block websites within certain time windows only.

 

4. Conduct Regular Domain Audits

Regular Google Workspace domain audits are part and parcel of every smart Admin’s workflow, regardless of how or where users work.

For hybrid and remote work security in Google Workspace, it’s important to:

• Monitor unusual spikes in these areas within your admin console. 
• Set up Scheduled reports — they’re a great way to keep your watchful audit eye on, headache-free.

(Using GAT’s scheduled Drive Audit reports helps admins streamline Drive tasks without having to keep going back in to check important insights.

• Conduct App Risk Assessments — In our new world of ‘remote everything,’ apps have become a huge part of how we work. However, not all apps are built the same or request the same security permissions in your Google Workspace environment.

 

5. Manage Risky Downloads

From the classic phishing attachments in emails to malicious files downloaded from the web, downloads can introduce direct or indirect security hazards into your domain.

Ideally, as an admin, you’ll want to use a tool that enables you to Manage Domain-Wide Download through the browser.

Also, Be Weary of those (.exe files) — .exe files are short for “executable file extensions” and they’re most commonly used on Windows computers to install or run software applications.

The problem with .exe files is that they can contain code or execute arbitrary commands which can then wreak security havoc in your domain — Talk about potential danger, huh?

You can use a tool like GAT Shield to monitor, block, alert and report on .exe file downloads across your domain.

 

6. Invest More in Employee Cybersecurity Awareness

Saving the best for last? — You bet!

Your employees’ cybersecurity awareness will always be your company’s first line of defense.

”1 in 3 employees are likely to fall for a phishing scam” — Knowbe4

That’s why regular ‘bite-sized’ awareness initiatives can work wonders for your remote work security game.

That can be through sending employees regular security reminders on things like:

• Password security
• Phishing awareness (Maybe share our post the 5 Tell-Tale Signs of a Phishing Email with them)
• Online meetings security (Here’s another post for it ;))
• Information security (Company Data protection practices, compliance regulations, etc.)
• Device Security (Locking screens, reporting lost devices immediately, etc.)
• Public Networks (How to connect to Wi-Fi networks safely)

 

Closing Thoughts

As the world around us continues to change at lightning speed, it’s crucial to stay ahead of the curve and secure our users and Google environment against hybrid and remote work threats/ incidents.

That can be achieved via robust auditing, monitoring, and powerful security tools that take your domain’s security to the next level, as well as engaging employees in regular security awareness initiatives.

 

Found this post helpful? Follow up with our next piece The Admin’s Google Drive Management Playbook.