Google states, “Two of the most common topics of questions regarding Google in general, and Google Cloud specifically, are security and privacy. We take both topics very seriously and offer tools that let you control how we process your data”. This is only a piece of the safety equation – the other piece falls to you the end-user.
Along with following the advice of Google’s Security Checkup, the following steps must be taken by the end-user to ensure maximum security.
- Unique – not used for any other online service (When using Enterprise Connect at Brewster – your “portal – long password” is used for your email, portal, and wireless)
- Complex – random letters, numbers, symbols – the longer, the better
- Along with your password, set up Google’s Two-Factor Authentication that requires a second credential to allow access to your Google Account. In most cases, the second credential is a 4 – 6 digit sequence sent to your cell phone via a text message.
Sharing Google Docs
- Documents with sensitive data should be set to “Private” or only shared on a very limited basis with internal users.
Sensitive Data is NOT Allowed to be Stored in:
- Google Calendar Events
- Google Hangouts
- Google Contacts
- Google Groups
Sensitive Data Users Lose Access to Publishing to:
- Picassa Web Albums
Devices Must have Screen-Lock Activated
- This policy requires your device’s screen to lock when inactivity reaches 15 minutes or less at which point you will be required to type in your password to use your device. When leaving a computer unattended (e.g., in the office, classroom, etc.,) staff should lock their computer’s screen. Computer passwords should be at least 10 characters or more. Smartphones and tablet passcodes should be at least 4 -6 digits. If your device supports Touch ID, you can often use your fingerprint instead of your passcode.