The year 2017 has again showed us that even the best organisations with large IT teams could not protect against data breaches.
Examples include :
- Google Docs Phishing Attack : In May 2017, millions were attacked by an email asking users to “edit a Google drive document“ which, when clicked, took users to a Google drive app install page. Once installed the application gave the third party full access to the Google Drive contents.
- Equifax : Attackers exploited a website vulnerability and stole 143 million records which included personnel information including social security numbers, credit card information, addresses. River City Media : email marketing firm data breach compromised 1.34 billion records.
- Hyatt Hotels : 41 locations in 11 countries were affected with an attack compromising credit and debit cards.
The list of attacks is quite long and well covered in the media.
Let me get straight to the point. Let’s just say that you have the best IT staff with security experts smarter than the world’s best hackers. Also, you have employed the best security hardware and software to protect your organisation. Every time you read about an attack on another well–known brand and you still feel fear. Fear is natural, of course.
Google Drive is used by millions of organisations worldwide. Google encrypts static drive data and only authorised users can see it when they login to their Google account.
However, your Google drive data, including documents and sheets with sensitive information (example financial , customer, sales or intellectual property) can be compromised in various ways including:
- When a user installs a third party Google drive application (for example a drawing app or a game). This application gain access to the user Google drive contents.
- When a user’s Google G suite account login credentials are compromised and are used by external attackers. Attackers may then encrypt your documents and demand a ransom.
- If a user within your organisation accidentally or deliberately shares Google drive data containing sensitive information.
- When an authorised employee needs to share (drive files with sensitive data to an external organisation (for example your accountant) but has no way to encrypt the Google drive documents.
- Successful phishing attacks including spear phishing may cause your users to send sensitive drive documents links to attackers.
Google guarantees safety of your data but will not take responsibility for user error such as the examples listed above. Drive security is a shared responsibility between you as the customer, the customer and Google.
Is there a solution to absolutely making sure a data breach by an insider or outsider does not cause damage? I will give you the solution as it applies to Google G Suite Drive and Team Drive.
The solution consists of 3 parts, each of which can be independently implemented as G suite security checklist items by administrators:
PART 1 : GOOGLE DRIVE ENCRYPTION
Encrypt Google drive files – at least the sensitive ones.
Even in the worst case scenario, a data breach would result in attackers laying their hands on encrypted drive documents without the keys to open it; which amounts to meaningless data in the hands of attackers.
The solution you deploy must encrypt Google drive including:
- Automatically encrypt files when they are not being edited.
- The solution must allow automatic Google drive folder level encryption allowing Google drive for teams within organisations to share and collaborate with password protected files.
- Protect files where ever they travel outside your organisation. The solution must allow third party organisations outside your domain to open your files for legitimate use if you have shared the key/password with them.
- The solution must allow G suite administrators to reset keys and create policies to auto-encrypt sensitive information. This gives control if any employees leaves or new ones join.
PART 2 : GOOGLE DRIVE BACKUP
Backup your data in a different destination from a cloud-to-cloud backup vendor.
With a separate backup copy, even if an attacker or insider completely destroys your data, you can restore it back. Backup is the ultimate insurance policy.
PART 3 : GOOGLE DRIVE APPS FIREWALL
Install a firewall app for your organisation’s Google drive. This allows users to install white listed safe apps while automatically blocking access to suspicious unauthorised apps.
That’s it! Encrypting your sensitive data protects you from insider accidental shares and external threats. Backup gives you an encrypted second copy of your data stored safely by backup vendor. Apps firewall ring fences your drive. This 1 – 2 – 3 punch is a great strategy heading into the holidays with a relaxed mind. SysCloud is a one stop solution for anyone looking to implement all 3 parts with ease with a single application.