7 Tips for Keeping Your Company's Gmail Account Safe
We learned that Gmail rules the world last January, when the email service crashed for two full hours. The event caused millions of professionals (myself included) to panic. As The Onion explained, “Google Shuts Down Gmail For Two Hours To Show Its Immense Power,” and now we are afraid to let our guards down again.
With Heartbleed as a recent memory and a small Gmail hacking crisis early last month, we have become all-too-aware of our Gmail dependence. Without our company Gmail accounts, our professional lives could be irrevocably changed for the worse.
To protect you and your co-workers from any future devastation, here are several tips for keeping your company’s Gmail account safe:
1. Use LastPass
This tip applies to all log-in information — not just keeping your Gmail account safe. LastPass securely remembers your passwords through the cloud so that you never have to physically type out your password to gain access. LastPass is a more secure way to log in: your computer doesn’t have your password information, you never have to remember (or write down) variations of your passwords, and you will be safer in a public Wi-Fi environment. This allows you to come up with more elaborate passwords in the confidence that you don’t have to memorize them and feel safe that nobody can access your log-in information — not even LastPass itself.
2. Enable Two-Step Verification
Google now allows you to sign up for two-step verification. This means that each time you log in, Google will send you a text message with a verification code. It may be a slight inconvenience to have to log in via text each time, but that extra step helps guarantee that you are you and nobody else. As an extra precaution, make sure your phone has a passcode, preventing others from using your phone or getting access to sensitive information.
3. Investigate the “Details”
Did you know that you have a “Details” button in the lower right-hand corner of your Gmail inbox? This button shows all of your recent activity, including each time you have logged in and from where. You can use the “Details” button to investigate if you suspect suspicious activity on your account. Yet don’t worry too much: Google also actively monitors the Details page and will alert you if they find any suspicious activity. When looking at the Details page, you also might notice a lot of activity on your accounts that you feel you didn’t commit. Just remember all of the times you checked Gmail through your phone. Details can also show you just how dependent you are on your Gmail account, even if nobody is hacking.
4. Set your Google Account Recovery
Somebody hijacks your account and changes your password. What do you do? If you set up a Google account recovery backup, you can use your phone or backup email to regain control of your account. While Google Account Recovery is a powerful tool, it is not mandatory. Make sure to check whether you have set your account recovery right away. You will be eternally thankful for it if you ever do get hacked.
5. Disable Google Applications and Website Access
Be sure to check your account permissions from time to time. This list of current account permissions tells you each site that allows you to log in using your Google account and each time you’ve given permission for an application to access your personal information. Set up a date on your calendar every other month to revoke permissions from the junky and useless sites — especially if you’ve never heard of them before.
6. Bring HTTPS Everywhere
When you log in to your online banking or your Gmail account, you may notice a tiny padlock icon next to your address bar. That icon exists to tell you that the site is encrypted, living among the most secure sites on the web. HTTPS lends greater security to its users. While your Gmail account is always encrypted when checking your inbox, leaving your Gmail page can be scary. We recommend using the browser add-on, HTTPS Everywhere, which converts popular websites to encrypted sites, enhancing your security while you browse.
7. Just Use Common Sense
While browsing the internet and using your Gmail account, be sure to carry your activities meaningfully and cautiously. Make a habit of checking the address bar before entering login information. This simple action ensures that you are where you want to be. Also make sure that login forms are definitely Google’s and not some look-alike. Hackers also try to lure you in with free Wi-Fi connections, deviously named something like “Free Starbucks”. When accessing public Wi-Fi, be sure you are connecting to the service your vendor offers.
Security is of the utmost importance to any business. While these 7 steps will help your security on the web, premium security software skyrockets your protection. Look at resources like our Top 10 Endpoint Security Management report and our Enterprise Data Storage report to compare software solutions in their ability to efficiently protect your data or the data of an entire company.
[Image courtesy of John Watson]