Google states, “Ensuring that our customers’ data is safe, secure and always available to them is one of our top priorities.” This commitment on Google’s part is only a piece of the safety equation – the other piece falls to the end-user.
Along with following the advice of Google’s Security Checkup, the following steps must be taken by the end-user to ensure maximum security.
- Unique – not used for any other online service
- Complex – random letters, numbers, symbols – the longer the better
- Along with your password, setup Google’s Two-Factor Authentication that requires a second credential to allow access to your Google Account. In most cases, the second credential is a 4 digit sequence sent to your cell phone via a text message.
Sharing Google Docs
- Documents with sensitive data should be set to “Private” or only shared on a very limited basis with internal users.
Sensitive Data is NOT Allowed to be Stored in:
- Google Calendar Events
- Google Hangouts
- Google Contacts
- Google Groups
Sensitive Data Users Lose Access to Publishing to:
- Picassa Web Albums
Devices Must have Screen-Lock Activated
- This policy requires your device’s screen to lock when inactivity reaches 15 minutes or less at which point you will be required to type in your password to use your device. When leaving a computer unattended (e.g. in the office, classroom, etc.,) staff should lock their computer’s screen. Computer passwords should be at least 8 characters or more. Smartphones and tablet passcodes should be at least 4 digits, but if possible, 6 is recommended.