More Tips for Securing Your G Suite

G Suite Best Practices

#1. Enforce Multifactor Authentication to Protect from Phishing


#2. Understand and Back Up Audit Reports

  • Alerting for Security Critical Events
  • Aggregate reports of data sharing, security settings
  • Near real-time audit logs
  • Login attempts
  • Admin Activity
  • Email
  • SAML
  • Tokens (for 3-legged OAuth logs)
  • Drive activity
  • Calendar activity
  • Google Groups


Make Backups


#3. Manage OAuth For Your Domain


#4. Enable Email Security Features

Stop Spoofing with DMARC, SPF, & DKIM

E-mail Encryption

Limit Exposure to Email Data Leaks

Disable Email Read Receipts
Disable Email Forwarding
Disable Mail Delegation, Emailing Profiles
Disable outbound gateways


#4. Handle a Compromised Account Safely

#5. Be Aware of Which Documents are Shared Publicly and on the Web

Set Sane Default Sharing Settings

#6. Use Team Drive to Compartmentalise Information

#7. Keep Few Super-Admins, but consider at least three

#7. Audit Group Settings

Manage Group Permissions

Control whether group messages are archived
Control whether a group is listed
Restrict who can view and post to a group
Restrict who can view membership and topics

Manage Group Sharing Settings

#8. Disable Contact Sharing

#9. Whitelist Marketplace Apps

#10. Lock Down Google Talk/Hangouts

A Note on Products

Common Security Pitfalls

Two-factor Authentication Must be Enforced to be Effective

Three-Legged OAuth is a Potential Risk for Phishing

Guard Two-Legged OAuth Keys Carefully

Failure to Follow Secure Account Cleanup

Hangouts Leaks Directory Information

Special Thanks for Feedback

Have More Tips?


Cofounder at Longterm Security, Inc.

Alex Radocea
