Employees are interesting to attackers because the majority of security breaches are caused by individuals. Out of human error, carelessness, or by accident, we do something, usually a click, that lets the attacker in. Once they are in our personal systems, they can get access to the company systems.
Here are some of the reasons why attackers want to get access to company data:
💸 Money
💣 Sabotage your employers' or customers' reliability
🤫 Access to your employers' or customers' confidential information
💿 Collect data
💀 Random or societal destruction or incapacitation
An attack usually starts with one person or employee, but that individual is not the real target. The goal is to get access to the organization’s systems, and from there to its customers and service providers. In the worst-case scenario, the attack can spread to the entire society.
Here are some examples of cyber attacks in recent years:
Information security attacks often start with social engineering.
This social manipulation can happen through various channels: emails, phone calls, text messages, etc. The attackers first try to get you to trust them, and then use that trust to manipulate you into giving them money, access, or data.
For example, attackers can create fake profiles on LinkedIn and Facebook and send you a contact request from this fake person. Having real people as connections gives the fake account legitimacy, and hackers then use these accounts to deliver their scams.
Here are some of the most common ways attackers use.
Even if your organization has top-notch security configurations and operations, you are still an important link in the security chain. There are several things you need to know and do to keep yourself and your company safe. Here are some of the most important ones.
Why?
Two-factor verification gives good protection against basic phishing.
Two-factor verification is enforced on your Google account, but Google is not the only service where confidential information is stored.
How to check if this is on in Google?
Humans are essentially lazy creatures: we tend to use the same or very similar passwords in different services. If attackers have some of your login details, they will try them on other services. If you’ve used the same password, you open the doors to attackers. And figuring out passwords is not that hard for attackers. 👇
This is why you have to use a different password for each service. To keep track of the many passwords you have, you can use a password manager.
Password managers store all your passwords securely and give you easy access to them. You don’t have to remember dozens of passwords or reuse a few passwords over and over again across different sites. Do remember to safeguard the password manager itself (with a strong master password and two-factor verification), or it becomes the weak link.
Why?
If you’re using Google Chrome to store your passwords, the password checkup is a good way to see whether your passwords have been compromised or reused.
How to check?
You don’t receive all phishing messages that are sent to you because most of them get filtered or erased from your system before they get to your inbox. But sometimes phishing messages find their way to you.
If that happens, here’s how to report them:
If you do open a link, report it quickly. Contact IT support. Don’t hesitate to ask if you think you have done something wrong. It is better to ask right away than to wait and see what happens.
When you get a message that you suspect is phishing, evaluate the message as a whole.
Look carefully at:
Do any of these look legitimate? Is there something odd about them? Does the message look like it came from a legitimate company or person? The sender’s address may differ from the legitimate one by only a character or two. Check it, and check with a colleague.
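The sender-address check above can be automated on the receiving side. The following is an added example, not code from the original article: it extracts the domain from a `From:` address and flags domains that are a character or two away from a trusted one, or that only match after folding look-alike characters. The trusted domain list and the homoglyph table are constructed for this example.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed for this example: domains the organization treats as legitimate senders.
TRUSTED_DOMAINS = {"example-corp.com", "google.com"}

# Constructed, non-exhaustive table of characters attackers swap for look-alikes.
HOMOGLYPHS = {"0": "o", "1": "l", "rn": "m", "vv": "w"}


def normalize_domain(domain: str) -> str:
    """Lower-case, strip accents (NFKD + drop combining marks), fold digit/letter swaps."""
    d = domain.strip().lower().rstrip(".")
    d = unicodedata.normalize("NFKD", d)
    d = "".join(ch for ch in d if not unicodedata.combining(ch))
    for bad, good in HOMOGLYPHS.items():
        d = d.replace(bad, good)
    return d


def sender_domain(address: str) -> str:
    """Return the domain part of 'Name <user@host>' or plain 'user@host'."""
    addr = address.strip()
    if "<" in addr and addr.endswith(">"):
        addr = addr[addr.rindex("<") + 1:-1]
    return addr.rsplit("@", 1)[-1]


def classify_sender(address: str, trusted=TRUSTED_DOMAINS, threshold: float = 0.85) -> str:
    """Classify the sender's domain as 'trusted', 'lookalike' or 'unknown'.

    'lookalike' means the domain is not trusted but is either identical to a trusted
    domain after normalization, or within a small edit of one (similarity >= threshold).
    """
    raw = sender_domain(address)
    norm = normalize_domain(raw)
    if raw.lower() in trusted:
        return "trusted"
    for t in trusted:
        if norm == normalize_domain(t):
            return "lookalike"  # same domain once look-alike characters are folded
        if SequenceMatcher(None, norm, t).ratio() >= threshold:
            return "lookalike"  # one or two characters off a trusted domain
    return "unknown"
```

A result of `lookalike` is exactly the case the text describes: the address passes a quick glance but not a careful comparison.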
Read the warning messages
Whenever Gmail shows you a warning, read what it says and act on it. Don’t just delete the message. Read the warning and think: what does this mean? Warnings always appear for a reason, and you should always read, understand and act upon them.
The warnings look like this:
Why?
Attackers are constantly searching for zero-day vulnerabilities.
How to safeguard against it?
Update apps and operating systems on all devices when prompted. Do not keep postponing updates; act as soon as you can. Only install the apps and software you need.
Updating doesn’t solve all the problems but the more up-to-date your system is, the fewer cracks there are for the attackers to use to get into your system.
Why?
Modern tools are built on APIs. Attackers can abuse APIs to gain harmful access as well, by tricking the user into granting access to malicious third-party apps.
How?
Read the API access requests and make sure the request aligns with what you are trying to achieve. Understand what granting a permission or right actually allows the app to do.
Why?
When your general settings are tight and your infrastructure is solid, the most likely data leak is overshared information or information shared by accident.
How to safeguard against it?
Internally use groups for sharing and stick with folder structures. Externally favor direct sharing and use timed sharing when possible. Be cautious with access requests.
How to share securely in Google Drive?
The safest way to share is to share with one person or a group. Then you know exactly with whom you are sharing the file.
Data management: by default, all your work-related files and everything you need in your work should be in Drive. Don’t download anything to your computer.
Whenever you share something in Drive, think about what levels of rights you want to share. Remember: you don’t have to give rights forever.
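The sharing advice above (prefer direct or group shares, use time limits externally, avoid open links) can be turned into a small audit. This is an added example, not code from the original article: it walks over permission entries shaped like Drive API v3 `permissions` resources (the `type`, `role`, `emailAddress`, `domain` and `expirationTime` fields are the real API field names; the file names, addresses and company domain are constructed) and reports the shares a practitioner would want to review.

```python
# Constructed for this example: the organization's own domain.
COMPANY_DOMAIN = "example-corp.com"

# Constructed sample data in the shape of Drive API v3 permission resources.
SAMPLE_PERMISSIONS = {
    "Q3 budget.xlsx": [
        {"type": "user", "role": "owner", "emailAddress": "cfo@example-corp.com"},
        {"type": "anyone", "role": "reader"},  # "anyone with the link"
    ],
    "Customer contract.pdf": [
        {"type": "user", "role": "writer", "emailAddress": "legal@partner.example"},
        {"type": "user", "role": "reader", "emailAddress": "cto@partner.example",
         "expirationTime": "2030-01-01T00:00:00Z"},  # external but time-limited
    ],
    "Team roster.gsheet": [
        {"type": "group", "role": "reader", "emailAddress": "sales@example-corp.com"},
        {"type": "domain", "role": "writer", "domain": "example-corp.com"},
    ],
}


def is_external(perm: dict, company_domain: str = COMPANY_DOMAIN) -> bool:
    """True if the permission grants access to anyone outside the company."""
    if perm["type"] == "anyone":
        return True
    if perm["type"] == "domain":
        return perm.get("domain", "").lower() != company_domain
    return not perm.get("emailAddress", "").lower().endswith("@" + company_domain)


def audit_permission(perm: dict, company_domain: str = COMPANY_DOMAIN) -> list:
    """Findings for one permission entry; an empty list means nothing to flag."""
    findings = []
    if perm["type"] == "anyone":
        findings.append("link sharing: anyone with the link can access")
    elif is_external(perm, company_domain):
        if "expirationTime" not in perm:
            findings.append("external share without expiry")
        if perm["role"] in ("writer", "fileOrganizer", "organizer"):
            findings.append("external party can edit")
    if perm["type"] == "domain" and perm["role"] == "writer":
        findings.append("whole domain can edit; prefer a group")
    return findings


def audit_drive(files: dict, company_domain: str = COMPANY_DOMAIN) -> dict:
    """Map file name -> findings, including only files with something to review."""
    report = {}
    for name, perms in files.items():
        findings = [f for p in perms for f in audit_permission(p, company_domain)]
        if findings:
            report[name] = findings
    return report
```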
Membership levels in Google Drive:
Why?
It is an easy and guided way to make sure your security settings are in order. You can run this check to see what level of security your Google account currently has.
How to do it?
You should also check other settings in your Google Workspace.
Networks
Use only secure networks, and use a VPN connection if your company recommends one. Do not connect your device to a network you cannot trust; use your own phone’s connection instead.
Make sure the wireless (WLAN) network in your home is protected by a password and that the router and other network equipment are up to date, and use only that network. Don’t open your WLAN to everyone.
Devices
Use the tools provided by your organization. The data security of your own devices is not maintained as consistently as your organization’s devices.
Conversations out in the open
Only talk about work in places where bystanders cannot hear the conversation. Outsiders don’t need to know what you or your colleagues do.
Mobile phones
Use security codes, always lock your screen and hide the notifications that appear on the lock screen. Not everyone around you needs to see what your CEO has just written. Enable remote wiping of the phone’s data, so that if you lose the phone you can still clear it.
Laptops
Make sure others cannot see your computer screen. Use protective film to darken the screen. Don’t leave your computer and phones unattended. Minimize the amount of information you store locally on your computer and prefer storing everything in the cloud.
The main thing to remember is to keep your own things safe. By keeping your stuff safe, you prevent attackers from spreading through your organization. When the basics of Google accounts are under control, it is a good idea to systematically invest in the further development of security. And if you want to be absolutely sure your Google Workspace is safe, you can have it managed by a partner.