BLOG

5 Tips To Lockdown Your Google Workspace Security

5 Tips To Lockdown Your Google Workspace Security for medium-sized businesses

Google Workspace Security for medium-sized businesses - Onsite Helper

#1: Have your users complete a Security Check-up

The Security Check-up needs to be done by each user. Moreover, it is recommended to do this every few months to ensure there are no issues.

For this, instruct your users to go to //myaccount.google.com/security-checkup

This will show the apps that have access to your data at all times, and automatically provide you with personalized guidance to improve the security of their Google accounts.

An example of good practice is to remove your Google account from old mobile phones. We believe it’s really important for your users to understand the information that is shared with apps or sites so that you can help keep everyone in your organization safe.

#2: Enforce 2-step verification.

Two-step verification (2SV) is one of the best ways to prevent someone from accessing your account, even if they steal your password. Moreover, 2SV can reduce the risk of successful phishing attacks by asking employees for additional proof of identity when they sign in.

In Google Workspace, admins have the possibility to enforce 2SV on new accounts. Still, there is the option of a grace period for new accounts. It’s a good idea to make the grace period a week or two as it is difficult for new employees to setup 2SV on their first login.

Another recommendation is to not allow verification codes via text or phone call. This is because cybercriminals can sometimes redirect or “port your number” over to another provider so if they have your email and password and redirect your number, they can login to your account.  Using the “Google prompt” or “Google Authenticator” methods on your mobile phone are much more secure.

See below a guide on enforcing 2SV on your domain.

Bonus Tip:  If staff are unable to get their 2SV code (e.g. lost or changed mobile phone), you can retrieve a “backup code” from the user account security settings in Google Workspace admin console.

#3: Help Prevent Phishing and Malware Emails from Reaching Your Staff

As a Google Workspace administrator, you can protect users’ incoming mail against phishing and malware and choose what action to take based on the type of threat.

For example, you can choose to move suspicious content to your Spam folder or leave it in your inbox and display a warning. All the security settings can be tailored for different users and teams using organizational units.

Note: Although Gmail already displays warnings and moves emails known to be untrustworthy to spam, the settings in this article capture additional unwanted or harmful emails.

Onsite Helper recommends the following settings for the majority of their clients:

#4: Specify Which Devices Can Access Your Google Workspace Data

Google has recently released a great security feature that can help secure your company’s data, known as Google Workspace Endpoint Verification. Endpoint verification is a Google Chrome extension that syncs with your Google Workspace domain to verify the device your working on as to allow or deny access.

This is great for businesses who wish to have tighter control of their data, as it enables them to set restrictions to Gmail, Google Drive and all the other cloud apps to approved devices only.

A common request we had from many clients was to only enable Google Workspace access from office computers. They don’t want access to all their information from devices out of the office. This new feature allows this level of security to be enabled.

Watch this video to see how to set this up

#5:  Setup Team Drives to Prevent Sharing Sensitive Company Data Externally


A big issue with Google Drive is that managing security permissions and file ownership is a difficult task.

It’s not rare to hear stories of files and folders going missing after an employee has left. Or stories about a data breach as someone shared a top-level folder without knowing that all the subfolders inherit the top-level folder, thus sharing data with people outside of the organisation.

This is where Team Drives would have prevented these two common issues from happening. Team Drives has “Team Sites” and the “Team Sites” takes over the ownership of the file preventing it from being deleted as well as controlling the permissions for all the folders and files to prevent external sharing of your confidential data. You can still share externally, but you will have a designated “share space” for those files.

Team Drives also improves efficiencies for staff to find the data they need.

Keep in mind: Team Drives is only available for Google Workspace Business or Enterprise licences.

In Conclusion

Google Workspace can be the tool to really drive businesses forward with collaboration and efficiency.

However, like with any tool, you really need to invest time to learn so you can take advantage of its features. Being mindful of the less exciting items like licence management and security is just as important so continuous reviews should be made to bridge any gaps.

If you’re not a Google Workspace expert, then it’s a good idea for your business to use a Google Workspace partner so they can provide ongoing value to your Google Workspace experience.

It may even be a better idea to offload all of these tasks to your Google Workspace partner so they can manage it correctly for you and provide ongoing support to your staff. Finally, Google Workspace partners can keep you informed about the latest features of Google Workspace as well as special upgrade promotions, which your business can take advantage of.

Some related information:

Tools for Productivity

  • Drive File Stream
  • Drive file stream update to avoid Microsoft Office conflicts
  • Drive Backup & Sync
  • Hangouts Chat
  • Hangouts Meet
  • Google Chromebox for meetings
  • New Gmail features
  • Google Workspace Cloud Search
  • Google Workspace Training app
  • Google Classroom

Tools for Security

  • Team Drives  
  • Security Centre for Google Workspace
  • Google Vault
  • New Multifactor Authentication: Google Prompt
  • Google Workspace device inventory

Setup Google Workspace With Onsite Helper today!

Onsite Helper - Australia's top Google Partner

Your business can also enjoy these new features and more when you upgrade to Google Workspace with Onsite Helper today!

Onsite Helper specialises in Google Workspace migration, managed IT systems and solutions, and onsite IT support. We provide free cloud service consultation and a free IT security audit. We’ve helped hundreds of businesses in Melbourne, Victoria and all over Australia, and we are more than happy to work with you as well.

Click the button below and call us today!

Recent Posts

Ever Wondered How Your IT Universe Stacks Up? Drop Us A Line, And We’ll Help Paint You A Picture.

  • Our customers love us, we know you will too. Proven track record of customer satisfaction
  • Your Goals are our Goals
  • Get connected with Tech guys in the know
  • We will keep you up to date and communicate in plain english – no IT Jargon
  • When it comes to your business, security is our #1 priority!

Contact Us

Fill out the form below so we can sit down and have a chat.