Do you secure Google Workspace logins for students from abroad?
If there’s one thing we learned from the grand e-learning shift of 2020, it’s that our school’s digital classroom management and cybersecurity operations are essential for smooth and secure remote learning.
Recently, while doing research on logins to Google Workspace, we recently noticed a large number of logins to domains from outside their home country. In particular to US school domains.
And even with schools allowing students and staff to remotely learn and work from abroad, we still suspect a large number of these logins are not legitimate.
Why Do Schools Need to Secure Google Workspace Logins from Abroad?
1. School students are highly susceptible to account theft.
- They tend not to have 2FA enabled.
- They use their accounts or passwords on dubious sites. They might not even realize that they’re co-sharing their accounts with overseas individuals.
2. Logins from ‘unexpected’ areas abroad are one of the TOP tell-tale signs of a compromised Google Workspace Account.
Even with schools allowing students and staff to log in from abroad, admins need to know which countries they’re logging in from. We’ll discuss this in more detail below.
3. Cyber thieves are well aware of this remote shift.
And tend to fully exploit any security gaps therein.
That’s why they wouldn’t sweat much about being detected via geolocation tracking — which is exactly why you need to monitor it closely.
How Schools Secure Google Workspace Logins from Abroad?
1. Monitor Login Activity
First, prepare a list of areas/ countries where you’d expect your users to log in.
Once this list is ready, ‘whitelist’ those areas and investigate domain logins from outside the scope you specified.
You can also set up alerts for logins from outside this scope to stay in the know of things.
This will help you spot compromised accounts better and act fast before malicious actors get a chance to cause any real damage.
Especially dubious sites, as this helps attackers steal their login details via credential stuffing.
3. Enforce 2-Step Verification for All Users on Your Domain
You and your users play important roles in setting up 2-Step Verification.
Learn more about how to deploy 2-Step Verification for your domain here.
4. Check Suspicious Logins with Relevant Account Owners
Have they lost their device? Did you check in from another country recently?
That way you get the full picture and can quickly act upon viable suspicions.
Finally, we recommend that school admins stay vigilant to our TOP tell-tale signs of a compromised Google Workspace account to better secure users’ learning and teaching remotely.
Audit. Manage. Protect.
Discover how Management & Security Services can help you with deeper insight and on-call, personalized assistance.