CAI Managed IT blog
You’ll Be Glad You Protected Your Google Account
Computer users today more than likely have a Google account, either for business or personal use. Not only is it accessible and convenient, it offers a versatile assortment of features. Regardless, no amount of accessibility, convenience, or versatility are worth your security. However, many users put precisely that, their security, at risk… often without even realizing it, or why this is such a big deal.
Today, we aim to fix that. We will review why a Google account is so important to keep secure, as well as a few means and methods of doing so.
How a Google Account Can Be So Valuable
The purpose of the Internet has evolved greatly in the relatively few years it has been around. Today, the Internet is largely used as a communications and information sharing tool - true to its roots. This is where the name Internet comes from: inter (reciprocal or shared) and network (a system of connected things). However, as new purposes for the Internet emerged over time, circumstances changed, and the view of the Internet shifted.
The Internet was always meant for sharing information, from the very first inklings of an idea. In 1962, J.C.R. Licklider of MIT wrote up a series of memos that illustrated a system of interconnected computers, intended to share programs and data the world over, that he coined the “Galactic Network.” This idea of sharing information was also the driving force behind Sir Tim Berners-Lee’s development of the World Wide Web. As Sir Berners-Lee said:
“Had the technology been proprietary, and in my total control, it would probably not have taken off. You can’t propose that something be a universal space and at the same time keep control of it.”
In many ways, these ideals are retained in today’s environment. Online sharing is at its peak, social media and collaboration fulling leveraging a network that is, for the most part, still free of control by any central source. These are ideals that have developed into the demand for net neutrality and open-access information. However, while these ideals have been largely upheld, there are a few notable caveats that give us a more accurate view of today’s Internet.
As the Internet grew in capability, it also grew in utility… many of which featuring the need for greater security and privacy. With the confidential information that only select users should be accessing growing in popularity within Internet-based communications, this spurred a balance to the Internet that both individuals and businesses can appreciate, and that Google has shaped its offerings around.
From its beginnings as a dissertation project by two Stamford doctorate students, Google has grown into the dominant force online today. Businesses use its G Suite applications every day, as private users leverage some of their other services to their own benefit. Many people, both for business and personal use, leverage Gmail. Let’s face it, Gmail is just useful, whether you use it for work, or just maintain an account to open accounts with other web services.
It is this last point that makes your Google account’s security so important to maintain.
How many of your online accounts are accessible by Google? On the subject, how many of your accounts would be compromised if your Google account was first?
This is the double-edged sword of a Google account. On the one hand, it only makes sense to use a Google account to create others, either using your associated Gmail address or linking it directly. The convenience is inarguable, and Google does equip these resources with reasonable security standards. So why not use a Google account?
Unfortunately, there’s one critical consideration that doing so adds into your security equation, that many overlook:
Linking an account to your Google account ties your Google account’s security to it directly.
This means that, if your Google account was to be compromised, all of the accounts you had connected to it are also compromised by association. Depending on what you had saved in this way, that could have some devastating ramifications.
Finding Out How Devastating
If you’re on your desktop right now, you can access your Google account by clicking here. In the Security section, you can review all the devices that your Google account has been active on, all the third-party applications with access to your account, and all the websites that are utilizing Google Smart Lock.
Is this list longer than you would have expected? Does it include your bank?
If it does, all it would take for someone to defraud you would be to access your Google account--or even lock you out of your own bank, resetting your bank credentials by using your Gmail account to activate an account recovery process.
Again, this creates a conflict between two priorities: convenience against security. While the convenience could make anything that you use online more efficient in both your professional and personal life, nothing is worth compromising the security of either. So… where do we stand?
Like any conflict between two interests, the ideal place to meet is in the middle. In this case, it is the conclusion that you can have the best of both worlds--you just have to make sure that your Google account is secured properly.
While it would be great if there was, there just isn’t an option somewhere in Google you can select to make everything perfectly secure, just like that. Having said this, it is just a matter of taking a few precautions.
Securing Your Google Account
The first thing to securing any account is to understand that it isn’t a one-time activity and will need to be revisited periodically to make sure that everything remains secure. You should keep an eye out for news stories that discuss breaches among any of the organizations you have an account with, as you will still need to alter your credentials for these accounts.
Once this is set, there are a few best practices that it would be in your best interest to follow.
Passwords and Account Security
While all of your accounts should have the protection of a strong password, the fact that your Google account serves as a repository for your others make it only more crucial to implement one to its authentication measures. To accomplish this, make sure the password or passphrase you select is well in keeping with best practices, and that your Google account is the only account secured with it.
You should also be careful about what you are using to access your account. Any device that is available to the public should be avoided, as they are not only magnets for viruses and other digitally-based cyberthreats, but a cybercriminal could potentially retrieve your credentials from the device you used and thereby gain access to your account. Public Wi-Fi signals can have very similar issues, so use a secured, private connection whenever possible.
Two-Factor Authentication (2FA)
There is also the option to make your Google account ask more of someone trying to access it, a secondary code sent to you in a text message, delivered in the Google Authenticator application, or dictated through a direct call to your mobile device. By enabling 2FA, you can greatly decrease the likelihood that a cybercriminal will have everything they need to get in, assuming they don’t have access to your phone as well. We generally recommend that you utilize Google Authenticator, as it is the most secure of those three options.
You can also use your Google account to access a list of one-time authentication codes that you can print out and keep with you. This way, if you need to access your account and don’t have your phone handy, you can reference these to get in. If you run out of codes or lose the list, you can easily reset them and start over.
To set up these features, log in to your Google account.
At the end of the day, you don’t have to sacrifice the convenience of Google, as long as you have protected it responsibly. CAI Managed IT has the expertise to help you manage this security, as well as the rest of your business’ IT solutions and infrastructure. Call (800) 422-4782 to learn more.