Our Blog: Stuff we think you should know

Securing Your Google Account: The Unofficial Guide

Securing Your Google Account: The Unofficial Guide

If you use a computer today, there’s a fair chance that you have a Google account. The practicality that if offers with its comprehensive service offerings simply can’t be ignored. However, it is also important that a user’s, whether they utilize it for business or personal use, security isn’t ignored either.

Unfortunately, security is precisely what is often ignored, mainly due to ignorance as to why and how to secure their account. Here, we will cover both why a Google account absolutely must be locked down, and how to go about doing it.

What Makes a Google Account So Valuable
There is a huge discrepancy between the impression of what the Internet itself is for, and what it was actually created to do. While a great amount of the Internet is utilized as a means to store personal and private information, it was actually intended to share information as effectively as possible. The word Internet itself reflects that, derived from inter (reciprocal or shared) and network (a system of connected things).

From the very start, the Internet was meant to be an information dispersal tool, enabling anyone to access the knowledge they wanted. Back in 1962, MIT’s J.C.R. Licklider described a system he called the “Galactic Network” in a series of memos. The Galactic Network was meant to connect computers all around the world so that data and programs could be shared. Sir Tim Berners-Lee, the man credited with inventing the World Wide Web, did so based on the ideals of access and openness. As he put it:

“Had the technology been proprietary, and in my total control, it would probably not have taken off. You can’t propose that something be a universal space and at the same time keep control of it.”

This viewpoint informed the Internet as it largely exists today: a space where things can be shared, unfettered by any central point of control. This is the framework that the ideals of net neutrality and group participation flourish in, censorship stomped down through accessibility. It’s almost funny that we try to keep anything on the Internet a secret anymore, looking back at its original purpose.

Yet, as the Internet was leveraged for additional purposes, there was an increased need for privacy and security. Many communications shared online contain confidential information that needs to be shared exclusively with certain users. As a result, a new online environment emerged, where security measures restricted access to information to only those with the right credentials. This new approach has proved beneficial for businesses and individuals alike and is why Google has grown to offer what it does today.

Google’s Assorted Services
While Google originally started as a dissertation project by two PhD students at Stamford, its uses have expanded greatly in the years since. G Suite applications, like Google Drive, Google Docs, and others have assisted businesses greatly, while many private users have leveraged services like Google Maps and Google Drive for their own ends.

Perhaps most of all, users of all kinds have opened Gmail accounts, and have used these accounts to sign up for other assorted web services… and this is the where the potential problem lies.

How much do you rely on Google, in terms of accessing your online accounts? How much impact would the compromise of your Google account have?

It May Be More Than You’d First Think
Let’s look at the tendency to use a Gmail address whenever an email is required, or to save a password for easy access, or even to link a Google account to another profile. This all makes Google the most convenient option--if all you need is an email to create a profile, why not just use the one that you use for everything else?

Really, when all is said and done, Google is the choice that makes the most sense. Google offers reasonable security, and the other capabilities it offers deliver some compelling reasons to use it as often as possible. However, there is a consideration that many overlook, to the potential detriment of the security of all of their accounts.

Setting up an account through Google means that account is only as secure as your Google account is.

Or in other words, if someone were to access your Google account, they have everything they need to access every account that you connected to Google in some way, shape, or form. This may mean more to you than you’d realize.

A Brief Demonstration
If you happen to be reading this on a desktop, go to your Google account by clicking here. Under Sign-in & security, click into Apps with account access. This will show you a list of all the applications with access to your Google account, along with a list of the websites that Google Smart Lock has your credentials to.

How long is your list? Does it happen to feature your bank?

If so, someone who gains access to your account could easily commit financial fraud. They could also use their access to your email to tell your bank that “you’ve” forgotten your password, resetting it and locking you out.

The Quandary
Unfortunately, the usefulness that Google delivers is too great to ignore as well, to the point that it is almost irresponsible to pass it up. This leaves us at an impasse of sorts--do we embrace convenience at the cost of security, or improve our security while sacrificing convenience?

The good news is, you don’t have to choose, as long as you have properly secured your Google account.

A daunting task, yes, but only because we have grown accustomed to Google providing one-click solutions. While there is no magic option that will keep you completely safe, securing a Google account is possible if the right precautions are taken.

Protecting Your Google Account
Again, these aren’t magic options, which means that that these aren’t solutions that will work indefinitely. Rather, they will require repeated activities over time. What follows are the steps you need to follow in order to protect your Google account, and by extension, your data.

Passwords and Account Security - Of course, this goes for all of your accounts, but because your Google account has so much tantalizing info in it for a hacker to leverage to their advantage you need to be extra careful in locking it down. Therefore, you need to ensure that access to it is sufficiently protected by a password in keeping with best practices, as well as the access point used to log into your account.

A good rule of thumb is to avoid using devices that are open to the public in order to access your accounts. This is because a cybercriminal may be able to access your account after you have finished your work, and the fact that these devices are petri dishes for cyberattacks doesn’t help either. Public Wi-Fi signals should be avoided for similar reasons. All the convenience in the world isn’t worth a security breach.

Two-Factor Authentication (2FA) - In addition to being smarter about how you access your Google account, you should establish additional requirements to make it more challenging to do so. Two-factor authentication can be a highly effective way to prevent unwanted access to an account, as long as it’s approached correctly.

The crux of the matter is this: not all two-factor is the same. If given the choice between a text-based 2FA solution or a mobile application like Google Authenticator, you should utilize the app. It will be the more secure option.

Furthermore, your Google account will give you access to a list of authentication codes that each have a one-time use. These can be used if you don’t happen to have your mobile device handy. Furthermore, these can be reset whenever you need to, so if you happen to lose the list, you don’t have to worry.

Log in to your Google account to set up these features and the others that are offered.

With the amount that the average Google account is linked to, it is paramount that its security is preserved. Haber Group can help you preserve not only the sanctity of your Google account, but your entire IT infrastructure. Give us a call at 866.625.3560 to learn more.

One Phish, Two Phish, The Grinch Who Didn’t Phish
Tech Terminology: PDF
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, February 21 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Cloud Email Hackers Privacy Business Malware User Tips Computer Business Computing Internet Network Security Tech Term Microsoft Software Productivity Google Hosted Solutions Mobile Devices Efficiency IT Services Small Business Communication Windows 10 Hardware Ransomware Backup Smartphone Data Android IT Support Productivity Saving Money Workplace Tips Managed IT Services Data Management Browser Microsoft Office Data Recovery Gmail Windows Managed IT Services Facebook Server Business Continuity Cloud Computing Upgrade Internet of Things Word App Passwords Innovation Office 365 Data Backup Phishing Disaster Recovery Managed Service Provider Business Management VoIP Employer-Employee Relationship Artificial Intelligence Encryption Remote Monitoring Outsourced IT Mobile Device Windows 10 Users Smartphones Cybersecurity IT Support Government Applications Information Money BYOD Office Tips Infrastructure Network Chrome Content Filtering Spam Big Data Miscellaneous Website communications Tip of the week Vulnerability Analytics Social Media Router Display Firewall Robot Customer Service Printing Automation WiFi Avoiding Downtime Hacker Settings Two-factor Authentication IT Management The Internet of Things Maintenance Virtual Reality Bandwidth Save Money YouTube Paperless Office Apple Tablet Employee-Employer Relationship Risk Management Wireless Data storage Access Control Antivirus Managed Service Mobile Device Management Unified Threat Management Apps Administration Holiday VPN Customer Relationship Management Hacking Wi-Fi Data Security Outlook Laptop Data loss Business Technology Development Monitors Virtual Private Network Augmented Reality Mobile Security Safety Presentation Operating System Server Management Document Management Touchscreen End of Support Office Computing Downtime Password Wireless Technology Google Drive Hosted Solution Telephone Systems Gadgets Virtualization Mouse Vendor Management Recovery Quick Tips Business Intelligence Scam LiFi SaaS Search Education Computers Company Culture Storage IBM Retail Networking HIPAA Running Cable Distributed Denial of Service WannaCry Update Legal IT service Alerts Heating/Cooling Service Level Agreement MSP Comparison Hard Disk Drive PowerPoint Refrigeration Drones Virtual Desktop Fraud Time Management Internet Exlporer Managing Stress Managed Services User Alt Codes Dark Data Going Green Social Engineering Buisness Title II Firefox Connectivity eWaste Device Public Speaking SharePoint Cabling Digital Payment Lithium-ion battery Managed IT Service Modem Chromebook LED Competition IT solutions BDR Licensing Servers Politics Social Specifications Compliance Onboarding Collaboration Network Management Value Cables Laptops Typing 5G Online IoT Techology Continuity Mobility Deep Learning Humor Downloads IT Technicians Managed IT Slack Halloween Break Fix Digital Cookies Lenovo Smart Office Co-Managed IT Cortana Google Maps Cooperation Charging Tech Support Hacks Black Friday Regulations Mail Merge Digital Signage File Sharing Undo Budget Fun Hotspot Professional Services Wires Software as a Service Computer Care Cryptocurrency Marketing How To Microsoft Excel Star Wars Unified Threat Management Solar Samsung Print Toner Bring Your Own Device sip Multi-Factor Security Disaster Mirgation Shortcut Monitoring Scary Stories Dark Web Spyware Nanotechnology Superfish Work Content Staff Statistics Websites Identity Theft Application Cybercrime Cyber Monday Social Networking Address Desktop Language USB Voice over Internet Protocol Training Bitcoin Network Congestion IP Address Spying Automobile Information Technology Blockchain Cost Management User Error Shortcuts G Suite Best Practice telephony Google Calendar Uninterrupted Power Supply Chatbots Patch Management Writing Sports Net Neutrality Screen Reader Optimization Streaming Google Docs Knowledge Printer Wearable Technology Bluetooth Analysis Mobile Office Smart Technology Corporate Profile Motherboard Troubleshooting Computing Infrastructure Dongle FinTech Windows 8 Hard Drives Google Wallet Permissions VoIP Assessment Security Cameras Business Growth Legislation Solid State Drive Identity Current Events FCC How To Smart Tech Recycling Remote Computing Human Error Experience Unified Communications Emergency Printers GPS Computer Repair 3D Printing IT Consultant Processors Cameras Relocation Meetings Tracking Health Unsupported Software Cleaning Alert CCTV Private Cloud Emoji Webcam Electronic Medical Records Mobile Data Work/Life Balance Error Black Market Point of Sale Regulation Travel Law Enforcement Entertainment Notifications Mobile Computing CrashOverride Twitter Botnet Supercomputer Motion Sickness Physical Security Gadget Staffing Personal Information Administrator Upgrades Crowdsourcing Taxes Web Server Domains Machine Learning IT Budget