Since its inception, Google has pioneered and pushed the limits of innovation. Their approach to an enterprise-grade cloud email service, Google Apps for Work, has lead the way.
A suite of services including file storage and sharing, real-time collaboration, professional email and a 99.9% uptime (less than five minutes downtime on average per month) is hard to ignore – however, it isn’t a complete package.
A critical element in deploying an enterprise-grade email system is security.
Considering the threat advanced cyber criminals pose, traditional antivirus vendors and IT teams are scrambling to keep up against advanced cyber threats like crypto ransomware and other zero day malware. This is why a security strategy that depends on a single vendor can break down.
No one vendor can keep up with every new threat; it’s not good enough to assume Google Apps for Work security and spam filtering is adequate in today’s business environment.
Find out three simple steps that you can take to secure Google mail for your business and take your experience to the next level.
1) Advanced Threat Protection
Google Apps for Work is a low cost cloud hosted mail solution. Bolstering it with superior threat protection is imperative to combatting advanced threats like spear phishing and zero day exploits.
We’ve heard the, ‘good enough for us’ response time and time again in Google Apps for work reviews. ‘Good enough’, is a dangerous defence strategy against modern threats that are crippling corporate networks.
A more robust approach is to apply a multipronged defence that uses threat detection engines from multiple security vendors. If you try to take this approach yourself, you will end up paying excessive licensing costs and bear the overhead of needing to manage multiple tools.
However, there are solutions in the market that can apply multiple threat detection engines without the large financial outlay and overhead of running multiple systems yourself.
CEO of cloud security vendor MailGuard, Craig McDonald comments,
“Today’s threat landscape means you need to defend against motivated and resourceful adversaries. Along with a multipronged security solution, businesses need the cloud email filtering layer to reduce the window of time vulnerability from zero day malware attacks”.
Deviations of the Google Drive spear phishing scam have been circulating; some variations are even hosted on Google’s servers and are served over an SSL. These scams originate internally with a Google Drive account, bypassing Google’s security defences; leaving targets victims vulnerable to infiltration.
Are you still going to welcome the, ‘good enough’ approach to your network’s defence with open arms?
2) Conflict of Interest
A recent study by Kaspersky Labs reveals 56.17% of all email traffic is spam. It’s critical that email security is considered as the first metric when partnering with a cloud security vendor whilst considering the deployment of an enterprise-grade email system.
Google has come under criticism in the past for leveraging data they automatically scan from customers’ emails to feed information to other departments of their business.
“Google has finally admitted they don't respect privacy” - John Simpson, Consumer Watchdog's Privacy Project Director
An article posted by The Guardian, reveals that whilst other email providers also scan the contents of emails for potential security threats, Google takes this practice a step further. They use the data they garner from scanned emails to identity themes and trends to display highly “relevant ads” for the benefit of the advertising sector of their business.
Google’s email scanning terms of service have been updated to provide transparent disclose that “incoming and outgoing emails are analysed by automated software.”
Here is a direct excerpt from their updated terms of service:
“Our automated systems analyse your content (including emails) to provide you personally relevant product features, such as customised search results, tailored advertising, and spam and malware detection.”
Do you value your email privacy? Or do you, as Google assumes, have “no legitimate expectation of privacy in information” you transfer via third parties?
3) Trust Multiple Security Vendors for a Foolproof Defence
Don’t put all your eggs in one basket – entrusting your network’s defence with one security vendor relies on the intelligence of one company.
Mitigate the risk of single vendor exposure by partnering with a cloud email security team with multiple layers of protection.
Implementing a multi-vendor defence eliminates the threat of common security vulnerabilities or flaws that can be repeatedly exploited by cyber criminals. This strategy of defence also enables the opportunity to apply the most current updates released by the various vendors protecting your network.
With the growing number of motivated and resourceful cyber criminals that have the same defensive tools you have, your business needs a multipronged solution to stay ahead. Your business deserves a proactive team of security experts and support that are available 24/7 by phone.
The one-size-fits-all approach is outdated. A defence in depth, best-in-class approach to selecting your cyber defence provides practical, modern protection against multiple points of vulnerability.
Bolstering Google Apps with superior threat protection to defend your network against advanced threats like spear phishing, malware and zero day exploits like crypto ransomware is as simple as an MX change. Google provide an amazing collaborative platform; leave the security to the experts.
© 2015 Google Inc. All rights reserved. Google and the Google Logo are registered trademarks of Google Inc.
Keep up to date on the latest security trends by subscribing to MailGuard’s weekly update or follow us on social media.