Simply more IT security when working with Google solutions
Many Swiss companies do not take sufficient care of their IT security. This is the result of an interview of the Neue Zürcher Zeitung with Florian Schütz, the federal government's delegate for cyber security. Although there are great differences between companies, money is tight in many small and medium-sized enterprises (SMEs). However, this is not an argument for not investing in security - on the contrary.
"Cyber attacks can affect everyone", as the National Cyber Security Centre (NCSC) argues. According to current figures, around 22,000 cyber incidents were reported in Switzerland in 2021 alone. These are mainly fraud in the form of ransomware (encryption Trojans), data leakage, CEO fraud, invoice manipulation fraud (BEC fraud), check fraud and domain registration fraud, as well as pishing. Some of the consequences are devastating. Not only can the website go offline, but the entire network can be affected. "In addition to financial damage, confidential information sometimes falls into the wrong hands - with serious consequences: Loss of data, failure of systems, liability claims due to a data protection breach or damage to reputation are some examples," explains the NCSC.
User and IT errors are exploited
The ransomware, feared by many, essentially enters systems by opening links that lead to malicious websites or malicious file attachments in emails, according to the University of Applied Sciences Northwestern Switzerland. In addition, attackers scan the internet for open remote desktop servers and try to gain access to them using brute force attacks. Another issue is access attempts to other exposed systems such as Pulse Secure VPN or Citrix NetScaler. "Poorly protected systems with missing patches or incorrect configuration are being exploited." To prevent this, the experts emphasise the importance of both technical and organisational measures.
Secure and user-friendly IT components
These do not have to be cumbersome and expensive at all. Many solutions applicable in the context of Google technology overcome technical challenges while taking into account the human component. Examples are:
- BeyondCorp: This is Google's Zero Trust model and an agentless VPN alternative. It can be used to provide user- and device-based authentication and authorisation for core infrastructure and corporate resources. The result is secure working from virtually anywhere.
- Secure/Multipurpose Internet Mail Extensions (S/MIME): This message encryption solution ensures the integrity and confidentiality of corporate email messages. Once enabled, custom compliance and routing rules can be set up for this purpose, so that only certain messages can be sent or received.
- Client-side encryption (CSE): Here, organizations use their own keys to encrypt their data in addition to the standard Google Workspace encryption. With Google Workspace CSE, content encryption occurs in the client's browser before data is transferred or stored in Drive's cloud-based storage. This prevents Google servers from accessing the company's keys and consequently decrypting the data. This enables compliance with particularly strict data protection regulations, for example in highly regulated industries. The solution is currently in the beta phase. It is available for Google Drive data and Google Meet audio and video streams.
- Cloud Data Loss Prevention (DLP): DLP is a fully managed service to detect, classify and protect particularly sensitive data. It can be managed locally or in the cloud. Users gain visibility into the risk of sensitive data across their organisation, benefit from reduced risk through obfuscation and de-identification methods such as masking and tokenisation. They can also seamlessly audit and transform structured as well as unstructured data.
- Fast IDentity Online (FIDO): The specifications enable simple and strong authentication to protect user privacy. The protocols do not provide information that online services can use, for example, to track users across services. Biometric information, if used, never leaves the user's terminal device.
- Titan security keys: With these, companies can prevent account takeovers through phishing attacks. This is because the security keys use cryptographic procedures to verify the identity of a user and the URL of a login page. This ensures that attackers cannot access the account. Titan security keys contain a hardware chip with firmware developed by Google to verify the integrity of the key. This allows physical tampering with the keys to be detected. The security keys are compatible with popular devices, browsers and a growing number of services that support FIDO standards.
- Advanced protection against phishing and malware: These are settings for incoming emails that protect against phishing and malicious software. Depending on the type of threat detected, administrators can determine what action should be taken, for example, whether suspicious content should be moved to the spam folder or remain in the inbox and be accompanied by a warning.
Implementation without internal effort
This selection alone shows: Users of Google's collaboration solutions and cloud infrastructure can ensure the highest level of IT security with a variety of effective and user-friendly measures. The individual tools can be adapted exactly to individual requirements. Despite the variety of possibilities, this does not have to be witchcraft. As an official Google partner, we determine where you stand and what your needs are in a security audit, if desired in accordance with the CIS standard. In addition, we support you in the selection and implementation of suitable IT security measures and train your employees. You benefit from the expertise of our specialists and save internal resources so that you can focus entirely on your core business. Simply contact us!
Simply more IT security when working with Google solutions
Many Swiss companies do not take sufficient care of their IT security. This is the result of an interview of the Neue Zürcher Zeitung with Florian Schütz, the federal government's delegate for cyber security. Although there are great differences between companies, money is tight in many small and medium-sized enterprises (SMEs). However, this is not an argument for not investing in security - on the contrary.
"Cyber attacks can affect everyone", as the National Cyber Security Centre (NCSC) argues. According to current figures, around 22,000 cyber incidents were reported in Switzerland in 2021 alone. These are mainly fraud in the form of ransomware (encryption Trojans), data leakage, CEO fraud, invoice manipulation fraud (BEC fraud), check fraud and domain registration fraud, as well as pishing. Some of the consequences are devastating. Not only can the website go offline, but the entire network can be affected. "In addition to financial damage, confidential information sometimes falls into the wrong hands - with serious consequences: Loss of data, failure of systems, liability claims due to a data protection breach or damage to reputation are some examples," explains the NCSC.
User and IT errors are exploited
The ransomware, feared by many, essentially enters systems by opening links that lead to malicious websites or malicious file attachments in emails, according to the University of Applied Sciences Northwestern Switzerland. In addition, attackers scan the internet for open remote desktop servers and try to gain access to them using brute force attacks. Another issue is access attempts to other exposed systems such as Pulse Secure VPN or Citrix NetScaler. "Poorly protected systems with missing patches or incorrect configuration are being exploited." To prevent this, the experts emphasise the importance of both technical and organisational measures.
Secure and user-friendly IT components
These do not have to be cumbersome and expensive at all. Many solutions applicable in the context of Google technology overcome technical challenges while taking into account the human component. Examples are:
- BeyondCorp: This is Google's Zero Trust model and an agentless VPN alternative. It can be used to provide user- and device-based authentication and authorisation for core infrastructure and corporate resources. The result is secure working from virtually anywhere.
- Secure/Multipurpose Internet Mail Extensions (S/MIME): This message encryption solution ensures the integrity and confidentiality of corporate email messages. Once enabled, custom compliance and routing rules can be set up for this purpose, so that only certain messages can be sent or received.
- Client-side encryption (CSE): Here, organizations use their own keys to encrypt their data in addition to the standard Google Workspace encryption. With Google Workspace CSE, content encryption occurs in the client's browser before data is transferred or stored in Drive's cloud-based storage. This prevents Google servers from accessing the company's keys and consequently decrypting the data. This enables compliance with particularly strict data protection regulations, for example in highly regulated industries. The solution is currently in the beta phase. It is available for Google Drive data and Google Meet audio and video streams.
- Cloud Data Loss Prevention (DLP): DLP is a fully managed service to detect, classify and protect particularly sensitive data. It can be managed locally or in the cloud. Users gain visibility into the risk of sensitive data across their organisation, benefit from reduced risk through obfuscation and de-identification methods such as masking and tokenisation. They can also seamlessly audit and transform structured as well as unstructured data.
- Fast IDentity Online (FIDO): The specifications enable simple and strong authentication to protect user privacy. The protocols do not provide information that online services can use, for example, to track users across services. Biometric information, if used, never leaves the user's terminal device.
- Titan security keys: With these, companies can prevent account takeovers through phishing attacks. This is because the security keys use cryptographic procedures to verify the identity of a user and the URL of a login page. This ensures that attackers cannot access the account. Titan security keys contain a hardware chip with firmware developed by Google to verify the integrity of the key. This allows physical tampering with the keys to be detected. The security keys are compatible with popular devices, browsers and a growing number of services that support FIDO standards.
- Advanced protection against phishing and malware: These are settings for incoming emails that protect against phishing and malicious software. Depending on the type of threat detected, administrators can determine what action should be taken, for example, whether suspicious content should be moved to the spam folder or remain in the inbox and be accompanied by a warning.
Implementation without internal effort
This selection alone shows: Users of Google's collaboration solutions and cloud infrastructure can ensure the highest level of IT security with a variety of effective and user-friendly measures. The individual tools can be adapted exactly to individual requirements. Despite the variety of possibilities, this does not have to be witchcraft. As an official Google partner, we determine where you stand and what your needs are in a security audit, if desired in accordance with the CIS standard. In addition, we support you in the selection and implementation of suitable IT security measures and train your employees. You benefit from the expertise of our specialists and save internal resources so that you can focus entirely on your core business. Simply contact us!
