G Suite Security and Privacy Settings to Be Enforced By Administrators

Google Cloud Platform (GCP) administrators have to take a serious responsibility of controlling privacy policies for new G Drive files, security authentication schemes for login, and sharing settings on Team Drives. Several enterprises afford the default settings for these three set of settings that result in:

• New Google Drive documents that are private and readable only to the file creator 
• MFA authentication option, which is by default, deactivated in accounts 
• Team Drives, which allows files to be shared with external entities

But different companies may dramatically select different defaults. For example – Imagine an industry that has the practice of saving files on the Windows server, on-site, with the service configured to permit access only from the machines connected through Ethernet. In this particular scenario, when an individual sign-ins into an account, almost all data is visible and accessible by everyone. As these respective industries transition to Google Suite, they will like their G Suite settings for reflecting their recent security and privacy preferences.

Well, in the next upcoming section, readers are going to find the points that are necessary to be kept in mind for the enhancement in Google Cloud Platform Security. The listed G Suite security and privacy settings do not demand any additional products to be installed in a company and are easily available on the cloud service provider’s platform.

G Suite Security and Privacy Settings

1. New G Drive Files – Private or Public = At the initial level, Google Suite keeps each new G Sheet, Docs, or Slide that users create, in private mode. It is visible or accessible only by those users who have created it. But, a Google admin has the choice of changing this private mode to the public and allow other employees of the company to at least read it. After this updation, when any employee (apart from the file creator) will search for that file on G Drive, he or she will receive that file. Now it is the admin thought process whether he or she wants to permit all or particular employees with file editing option or not. Also, people can switch the mode to private from public, if found it necessary for G Suite security and privacy settings.

Note – In the public mode, the file is accessible only among the organizational users, not any other third person.

If you are not known with the setting to switch the public mode to private or vice-versa then, you can take help of following instructions:

• Login into your G Suite account with administrator credentials that do not have ‘gmail.com’ domain at the end of email id. 
• Navigate towards the Admin Console screen and click on Apps >> G Suite >> Drive Docs >> Sharing Settings
• This opens a web page where you’ll find a Link Sharing field where you can decide whether to turn Off the sharing settings or On it. 

2. Sharing of Resources on Team Drive = Resources stored on Team Drive might be accessed by all the group members. With the change in team membership, you can either add or remove the team members. Whenever a new member is added in Team Drive by an admin, the respective member gets permission to access resources and files that are available on that Team Drive. But, when the tenant administrator removes the member from Team Drive, he or she loses all permissions from accessing the resources of that Team Drive.

Note – No matter whether an admin adds a new member or removes an existing member, all files and resources are on the Team Drive only.

The tenant administrator has the authenticity to create as much Team Drives as he or she wants, which either encourage file sharing or promote privacy. The default settings of Team Drive encourage sharing of resources with the company’s employees working outside the business network. As per the business strategy regarding G Suite security and privacy settings, it is the final decision of account owners what settings they prefer the more. In order to adjust the Team Drive settings, you can refer the following instructions:

• Login into the Google admin account   
• Now an Admin Console page gets opened in which you have to click on Apps >> G Suite >> Drive and Docs >> Manage Team Drives  
• Here, on RHS of the screen, you have to choose the sprocket for the management of Team Drive settings.  
• This opens the page where you have to define the settings as per your needs. 

3. Multi-factor Authentication: Yes / No = Being a responsible person, it is the duty of Google administrator to enable the option of ‘Allowing users to turn on MFA or 2-step verification.’ This G Suite security settings will provide prevention from data leakage incidents and compromised account mishaps that are generally caused due to unauthorized account access. 

The 2-step verification method demands a security code be entered just after the email id and password for user access approval. The code will be sent by Google on the registered phone numbers in the form of text message. Also, an administrator is benefited from multiple advanced security options, which restrict tenant access. These options comprise:

• Enforce 2-step verification for all connected tenants or tenants of one single organizational unit. 
• Demanding for 2-step verification for login procedure every time 
• Demanding for a security key to access the tenant 

If you are not known with the method of enabling 2-step verification, refer to the following guidelines:

• Go to https://admin.google.com and enter Google admin credentials 
• This opens the G Suite Admin Console page where you have to click on Security >> Basic Settings 
• On the current web page, you will find a field named as Two-step verification. In this field, you have to check the checkbox of Allow users to…… 

Google Is Providing All, It’s Time to Utilize Them

Being a cloud service vendor, Google is using the best cloud security standards that are needed to secure data online. But, it is the equal responsibility of customers to use free security policies, which are provided by the CSP. Google can enforce security at a very basic level, administrators have to define their own set of advanced G Suite security and privacy settings. This will be useful for those businesses where sharing of resources by ensuring ‘no data exposure’ incident, is required to develop the company.