For those of you in the know, Google Apps for Work (now Google Workspace) has long been recognised as enterprise ready software and its popularity across the private and public sector has grown significantly in recent years. CESG, the UK government's national technical authority for information assurance, has just posted a blog on "Google Apps for Work Security Guidance: Administrator good practice". This publication from CESG is most welcome and cements Google Apps position as a cost effective and secure alternative to Microsoft Office.
The guidance from CESG focuses on 5 keys areas with recommendations on best practice scattered throughout:- Google Admin Console
- Organisational Units
- Administrative controls
- Sharing controls
- Data privacy
Embedding good information management practices has never been so important. Organisations are often challenged with finding the right balance between supporting the latest technology and safeguarding information.
Locking down IT or running an open IT environment are no longer viable options and only serve to increase risk and promote bad practice such as Shadow IT.
To maximise the benefits of the Google platform, Ancoris run security workshops and provides detailed Google Apps administrator training. The security workshops explore best practice for organisations implementing Google Apps and look at people, processes and technology - i.e. administrative controls, supporting internal processes and staff engagement models. The Admin training walks the IT administrator through the many security settings available as standard in Google Apps and ensures appropriate choices are made to suit the enterprise. Compare this to the way we mitigate the risk of people driving on public roads: we improve vehicle safety, adhere to the highway code and educate drivers.
