Prevent Phishing of G Suite Identities

Written by Cassa Niedringhaus on June 4, 2020

Share This Article

Corporate G Suite™ identities often serve as the keys to critical organizational data, which means they’re frequent targets of phishing attempts and even data breaches. One high-profile example of a phishing-related breach is the 2016 hack and subsequent email leak of the Democratic National Committee, which had massive repercussions during the U.S. presidential election cycle.

You can take concrete steps to protect your organization’s G Suite identities from phishing attempts, namely by instituting system-based password management. In this post, we’ll explore this concept and additional security measures you can implement to increase security and reduce the chance that such attempts are successful.

What is System-Based Password Management?

System-based password management is the concept that end users change and manage their passwords directly on their local system accounts, whether they use macOS® or Windows® machines.

This process requires a centralized identity, which is synced between their machines and the G  Suite user repository. Organizations need to have the architecture in place to ensure those password changes are written back to the core directory service and reflected elsewhere. Once this workflow is in place, it’s both more convenient and more secure for users.

How System-Based Password Management Prevents Phishing

Phishing attempts are often rooted in phony emails or web pages designed to trick unsuspecting users into entering their credentials there.

System-based password management subverts these emails and web pages because users are trained to change their passwords natively on their systems and not elsewhere. Hackers have recently levied domains that appear to belong to Google and other high-profile digital services to launch broad phishing- and malware-related attempts, which system-based password management is designed to address. 

This workflow is not only more secure — it’s also more convenient for users. They’re already accustomed to the native menus and steps involved in changing passwords on their machines, and they can self-service their password changes as needed without submitting tickets to IT. 

In order to implement a system-based password change model, you first need an identity and access management (IAM) platform that centralizes identities among your disparate resources. Then, you can ensure that the identity used to access a system is the same identity used to access Google and all other IT resources, such as SaaS apps, networks, and servers.

JumpCloud® Directory-as-a-Service® offers one avenue to implement this model. JumpCloud is a full-suite cloud directory service that you can use to unify and provision identities to virtually all IT resources, as well as configure, monitor, and manage users workstations.

A user enters the same password to log into their JumpCloud-managed machine, regardless of operating system, as they do to access G Suite and their single sign-on (SSO) User Portal. If that user has a Windows machine, they change their password using the CTRL+ALT+DEL workflow, and that change is written back from the machine to the cloud directory service and then propagated to all other integrated resources. If that user has a macOS machine, they follow a similar process through the Mac App.

If Active Directory® is your core identity provider, JumpCloud can also serve as a comprehensive identity bridge and facilitate password writeback from both Windows and macOS machines to AD without the need for a VPN or anything other than an internet connection.

Additional Anti-Phishing Security Measures

In addition to system-based password management, we recommend the following measures to further protect your organization’s identities.

  • Enforce MFA at access points: Multi-factor authentication (MFA) at login to systems, web-based SSO portals, VPNs, and other resources adds another layer of protection, and it ensures that even if credentials are compromised they can’t automatically be used to access organizational data. 
  • Monitor & update antivirus software: Antivirus software alone can’t protect your system fleet, but it can complement other security measures that you use to configure and secure machines.
  • Educate end users: Regular security training familiarizes users with the required password management workflow — via their systems — and gives them tactics to recognize and avoid phishing attempts, such as hovering their mouse over an in-email link to examine its source before clicking it. 

Deep, Cross-Platform System Management

JumpCloud is designed to integrate with each unique environment and serve your organization, wherever your users and their machines are located. 

The platform can enable system-based password management, MFA at virtually all login points, and system monitoring — all without any additional on-premises infrastructure required. Click here to learn more about cross-platform system management from the cloud.

Continue Learning with our Newsletter