Cloud storage is quickly and easily accessible from almost any digital device with an internet connection. It's no wonder that this solution has become so popular among many companies. However, it can also pose a risk to your cybersecurity. Let's take a look at how to protect cloud storage on one of the most popular cloud storage providers – Google Drive.
According to research conducted by the IBM Institute for Business Value, about 98% of companies plan to use multiple hybrid clouds by 2021. As the use of connected devices increases, so does the risk of data theft. Cloud storage services are still improving their security, but that does not mean data breaches cannot occur. So, what are the best practices if you want to minimize cyber risk? We took a closer look at Google Drive, one of the most popular cloud storage providers.
Share with care
The advantage of Google Drive is that your employees can not only share files with each other, but also collaborate on documents in real time. However, they should think twice when granting permissions. When only sharing of the folder is needed, they should choose the role of the viewer or the commenter. These options enable users to view or comment on only the files in the folder. But when they need to collaborate with others on particular documents, they should choose the role of an editor, who can organize, add, or edit files.
There are two ways to set the permission. Your employees can do it directly in a document and invite people to share files. Also, they can send a link, for example, via email. Google Drive allows people to generate links with specific permissions. Furthermore, all permissions can be edited. Does the file owner need to stop sharing the file with a particular person? No problem. It takes just a few clicks.
When link-sharing is enabled, be careful. Anyone with the URL can access the document. So, the document creator cannot be sure where the link will end up. To avoid putting in the same email addresses over and over again, try using Google Groups instead of just passing along a link (check tutorial here). Managing permissions takes some extra time. But in the end, your company data will be under control.
Make sure your account is secure enough
Instruct your employees to set a strong password. It may sound obvious; however, 123456 is still one of the most common choices for a password. Nevertheless, creating a strong password is just one of the many security measures to secure your account with. Think about adding an extra layer of security, two-factor authentication (2FA). This method of confirming a user's identity consists of a password and a second factor – which can be something you have (a physical key, your mobile device, or a security token) or something you are (a fingerprint or a retinal scan). With 2FA, even if your password gets stolen, your account is still under protection.
Check the apps before you download
Third-party add-ons can be useful. They help to boost productivity and save time. On the other hand, they can do harm in some cases. Installing one of the add-ons from G Suite's Marketplace requires a careful approach. First of all, your employees should read the reviews and ratings of the add-on they would like to install. Ideally, they should also go through the vendor's privacy policy, terms of service, and deletion policy. If there are any questions or uncertainty, they shouldn’t hesitate to contact the vendor and ask. Also, consider allowing employees to install add-ons in the browser.
Don't forget to encrypt your data
The good news is that data in various G Suite services are encrypted both in transit and at rest. But if your employees encrypt the files on their end devices, the protection of the data will increase even more. That is the so-called client-side encryption. When users upload encrypted files to the cloud, documents remain useless for attackers, since they do not own a decryption key.
Be cautious
All the above-mentioned recommendations can help prevent data leaks. Make sure you always know who you share the data with and how the file will be accessible. Don't forget to perform regular audits as well. They will keep you informed of how secure your drive is. Remember, the more cautious you are, the better protected your data will be.
留言