Secure Socket Layer (SSL) is a setting of which most users of emails are unaware but is crucial if you want to securely send and receive emails. The setting is found as part of most email platforms including Google Apps.
The SSL security feature is important for employees accessing Google Apps (and other email platforms) through non-secure internet connections such as on computers connected to public terminals including public hotspot hotel, cafes and airports.
Unless the SSL security feature is enabled, hackers can intercept the data packets on the network and obtain any unsecured information including passwords, bank details and credit card information.
Enabling SSL protects you by encrypting your data making it harder for hackers to get in. There are of course some issues with SSL. Namely, it can sometimes make Gmail and other Google Apps browser applications run a little slower particularly if your internet connection is already slow. However, in the bigger scheme of things, this is a small price to pay for an enhanced secured network.
An extra level of security that we recommend is to use Google Chrome version 13 and upwards. This web browser series forces all Google Apps data to be encrypted regardless of whether or not SSL is activated. While we recommend this, SSL activation is ideal as it does not rely on employees’ choice of using a particular web browsing platform.
Your email applications such as Outlook or Apple mail would be setup using SSL so the data communication is encrypted. However, unlike with Google Apps, hackers are able to use software to extract the saved passwords in these applications. With these email platforms we recommend you set up a 2-step authentication application password for better security. Refer to last weeks blog for instructions on setting this up http://www.onsitehelper.com/index.php/blog/99-2-step-authentication
How do you know if you’re using SSL or not?
Simple, in your browser the URL will be https:// if using SSL. If not using SSL it will read http:// (missing the s). Also there should be a little padlock symbol before https://
How to enforce SSL for your users in Google Apps.
To enable this feature:
- Sign in to the Google Admin console. https://admin.google.com
- Click Security > Basic Settings.
- Under the General tab and in the SSL section, check the box next to Enable SSL.
- Click Save changes.
If you use any other cloud based Apps, it’s worth checking if you can secure these with SSL as well.