06 Jan 4 Reasons to Start Backing Up Your Data in Google Apps
By Rob May, SVP at Datto.
First things first, Google Apps for Work is an extremely safe productivity suite. Your company should feel confident using and storing data within Google Apps. Google doesn’t lose customer data, however when Google is told to delete data, it does. And most of those times, that deletion command is legit. So, how on earth could a company lose data in Google Apps? Here are four examples:
1. User Error
User error is just a simple, honest mistake with disastrous consequences. There are two types of user error – accidentally deleting information or intentionally deleting data only to realize that you need it later. User error happens way more often than you would think.
Google simply can’t protect you from yourself. After all, you told Google Apps to delete the data and Google did what you asked. Often you’ll be okay if you discover the error within 30 days. If not, it’s often a case of tough luck.
2. Security Breach
A security breach occurs anytime someone you don’t want to gains access to your Google Apps domain. If anyone other than one of your users signs into one of your Google Apps accounts, that’s a security breach.
There are two kinds of security breaches: a “hard” breach and a “soft” breach. A hard breach occurs when the software itself is compromised. Hackers have found a way to get around your defences and get at your data. A soft breach occurs when an attacker tricks one of your users into granting him “legitimate” access to your Google Apps domain. These techniques are known as social engineering, where the attack focuses on people rather than technology. The most common form of soft breach is caused by phishing, where users are duped into revealing passwords by way of emails or web pages that are designed to look like “real” login screens.
When it comes to hard breaches, Google has so far been very successful. Unfortunately, there are no real software defences against soft breaches because it doesn’t matter how sturdy the lock is if you give a burglar the key.
3. Third-party app error
Unfortunately sometimes applications are configured incorrectly or aren’t employed according to the developer’s directions. Google can’t and doesn’t guarantee that the third-party apps in its marketplace are foolproof.
Like any software, third party Google Apps products occasionally have bugs, and even the ones that don’t are often quite easy to misuse.The danger lies in the amount of access these applications have to your Google Apps data.
When you install third-party apps on your Google domain, you grant those applications a specific – and usually quite broad – set of permissions. If a project management app can add events to your Google Calendar, it can also delete those events – or populate them with nonsense data that renders your schedule unusable.
4. Rogue Employees
While it’s a rare event, malicious user error caused by a disgruntled employee can cost your company serious man hours if the disgruntled employee decides to delete entire accounts within Google Apps, for example.
Since Google can’t distinguish between a good employee and a bad one, if someone with legitimate access to your Google Apps data wants to do harm, there’s nothing Google can do to stop it.
Now that you know there are a few ways to potentially lose data within Google Apps, you can take the right steps to better protect the data you store there.
a) Train employees thoroughly on security – It’s crucial to train employees on security best practices. It’s surprising how many users don’t know basic rules such as checking the web address of any page that asks you go log in.
b) Changing passwords at the right time – Always change an employee’s password or suspend an employee’s Google Apps account before firing him. Ensure that the steps are in order to defend against a rogue employee
c) Consider cloud to cloud backup – Regularly scheduled third-party backups of your Google Apps data can save the day in cases of user error, applications overriding your data, breaches, etc. If your company is storing any sensitive information in Google Apps, it’s worthwhile to think about protecting that data with a cloud to cloud backup.
Remember, just because you’re on Google Apps and your data is in the cloud doesn’t mean you throw away your IT best practices. Companies can and do lose data from time to time in Google Apps (and in other cloud applications). Train employees, ensure your data is secure at all times, and when in doubt, back it up.