By Greg Keller Posted January 17, 2017
One of the most important steps that any G Suite user can take is to enable 2-step verification. Identity theft is currently at an all-time high [Time]. And there is perhaps no more critical user account than their email account.
Over the past decade, G Suite has made a significant push to become the back-end productivity platform for over 5 million businesses. As a result, G Suite has become a major target for hackers.
In addition to G Suite 2-step verification, IT admins should enable multi-factor authentication on a user’s system and other applications if possible.
Step-Up Email Account Security
The easiest way to compromise a user’s complete online identity is to take over their email account. Considering that G Suite is the email hosting platform for tens of millions of accounts, it is imperative that IT admins work with their teams to protect this critical account.
Google has provided 2-step verification as a significant step-up in security. Often called multi-factor authentication (MFA) or two-factor authentication (2FA), this process requires that a user enters not only their password but also a token generated by their smartphone. Thus, the user must enter something that they know and something that they have. This is a major increase in security of the account.
Directory-as-a-Service® Provides MFA Two Ways
Every organization should enable G Suite’s 2-step verification as a security measure. Unfortunately, even with G Suite MFA, it is not enough. As we all know, our Windows, macOS, and Linux systems are all logged into G Suite on an ongoing basis. If that machine is compromised or stolen, G Suite’s 2-step verification won’t be of any use. This is why multiple layers of security are critical.
We advocate leveraging a system-based multi-factor authentication solution as well. The same Google Authenticator application that is used for G Suite’s 2-step verification can also be used for system-level MFA when you leverage Directory-as-a-Service.
Directory-as-a-Service is a companion solution to G Suite. Think of it as the replacement to Microsoft Active Directory much like G Suite is the replacement to Microsoft Exchange. Directory-as-a-Service incorporates a number of different capabilities, including a central user management platform, device management, True Single Sign-On™, hosted LDAP, cloud RADIUS, as well as system-based and application-level multi-factor authentication. This last capability could be leveraged on user systems, thereby ensuring that users need an extra layer of security before being allowed to log into their device. This step along with G Suite’s MFA will make your user’s email accounts virtually impenetrable to hackers.
JumpCloud® Goes Beyond G Suite 2-Step Verification
Drop us a note to learn how to go beyond G Suite 2-step verification to secure your IT infrastructure. Please also sign up for our IDaaS platform and try our system-based MFA and application-level MFA for yourself. Your first 10 users are free forever.