Source: Admin Insider: top questions (and answers) on data security in G Suite from Google Cloud
G Suite helps take the complication out of data security by giving IT admins simple, streamlined ways to manage their users, control devices and stay compliant. After all, security tools are only useful if you deploy them.
We meet with customers frequently and hear many of the same concerns when it comes to data security. In the spirit of RSA this week, we want to provide answers and best practices based on these top questions so you can continue to keep your organization’s data secure.
While your organization should have a specific set of security policies, here are a few pointers to help you strengthen them.
Lastly, take advantage of security health recommendations in the Admin console. If you’re a G Suite Enterprise customer, we analyze your specific environment and give custom advice to help you secure users and data better, ranging from details on how your files are shared, information on how to better store your data, and recommendations on mobility and communications settings.
These are just a few pieces of advice to get you started. Since you know what works best for your organization, consider going through these recommendations to think of ways to best deploy based on your specific security needs.
We want to help you stay ahead of threats. The alert center in your Admin console can help. It includes notifications for both security threats and critical system alerts when they happen. Insights around these alerts can help you better assess how much your organization has been exposed to security issues at both a domain and user level.
In addition, if you’re a G Suite Enterprise customer, you can use the security center to dig deeper into why a device was compromised, whether any suspicious emails were sent or received, and even suspend users, all from within the security center investigation tool.
If you use G Suite, there’s a dedicated dashboard in the security center to help you monitor file exposure, providing a snapshot of files that have been shared externally or that have publicly listed links. Make sure to check that dashboard regularly.
With the security investigation tool, you can go even further and see specific file shares and audit file permissions.
You can also set IRM controls on multiple files and disable specific users from accessing those files.
Because our data centers are globally distributed, we can help reduce latency for multinational organizations. Some organizations, however, have requirements around where their data is stored, and we’re committed to meeting those needs, too. With data regions, customers can designate the region in which primary data for select G Suite apps is stored when at rest—globally, in the US, or in Europe. Setting up data regions is quick and easy. There are no minimum seat requirements and you can change your covered data’s location at any time.
Additionally, if you are a G Suite Business or Enterprise customer, you can also use Vault to set retention policies for your entire organization or specific organizational units with custom date ranges and specific query terms to keep track of what matters.
If you are attending RSA San Francisco this week, we’re hosting the third edition of Google Cloud Security Talks at Bespoke in Westfield San Francisco Centre, a five-minute walk from Moscone Center. In addition to presentations and panels, we’ll feature several interactive demos that showcase how Google prevents phishing and ransomware attacks and how partners integrate with our services. Check them out!