For many organizations, Google’s G Suite is an integral piece of the day-to-day operations of running a business. From emails to spreadsheets, sensitive company data is now easily accessible to your team on desktops, laptops, and smartphones, improving efficiency and productivity. Most users have grown so accustomed to its ease of use and functionality that we often overlook that this data may be vulnerable to online hacks or viruses, such as ransomware. Unfortunately, many companies solely rely on the built-in protections provided by Google and wrongly assume that their data is secure.
Despite being a product of Google, G Suite is still just as susceptible to data loss as any other cloud storage provider. This article will help you understand the vulnerabilities within the G Suite offering and explain the importance of properly backing up and protecting your data to prevent catastrophic leaks and loss.
Ransomware in Google
Many attack vectors deliver ransomware to unsuspecting users. However, one of the most prominent methods is via email. An end-user opens an attachment that, in actuality, contains a malicious executable file that houses ransomware. While Google has some mechanisms for flagging these types of malicious emails, most sophisticated ransomware can easily make it past these types of filters. Once the infected attachment is downloaded, the malware begins encrypting any file on the user’s computer and those that they have access to in the cloud. Suddenly, critical data is unusable, and the organization may be roped into paying a hefty fine to enable access if they don’t have proper precautions in place.
In addition to vulnerabilities around email, another avenue for ransomware infection that ties on-premises environments to the G Suite public cloud SaaS environment is file synchronization. G Suite offers installable utilities to synchronize files from on-premises end-user devices to Google Drive. If ransomware infects an end-user device, it will begin encrypting data that will then be synchronized. The ransomware encryption process is viewed as a change in the file, which will trigger the synchronization process. The malware will then not only infect files on an end-user's computer but will automatically upload itself to Google Drive or Shared Drives, where it can encrypt any data located there. This instant backup provides more risk than reward, in many cases.
Google G Suite can restore data in a rudimentary fashion of “versions” of files in their cloud storage and a recycling bin that allows “un-deleting” files that have inadvertently been deleted, either accidentally or intentionally, for up to 30 days. While businesses may be able to leverage the file versions to recover data, this is not a method that can be relied upon for wide-scale protection of business-critical data hosted in the public cloud.
The strict timelines around Google’s file protection process are incredibly problematic for organizations that deal with sensitive data. What if businesses need to restore a “version” of a file not captured by the versions in cloud storage? What if there are services affected by ransomware outside of G Suite storage, such as email? Currently, only the Google Drive storage is available for the recovery of various versions of data. What about any other services that may potentially be infected by ransomware? All of these and many other questions lead to the conclusion that more is needed in the way of backups for data stored in the public cloud. This cannot be stressed enough – backups are essential to surviving a ransomware attack on-premises and in the cloud.
Backup Provides Critical Protections
The meager data protection provided as a native feature in G Suite cloud storage is not sufficient for surviving a massive ransomware attack in a G Suite environment. Organizations need a data protection solution that provides actual backup functionality for data stored in the G Suite SaaS environment. Secure backup solutions should allow true versioning, retention beyond the 30-day limit imposed by Google with their file versions, automation, powerful restore functionality, and migration features.
By taking the simple step of engaging a third-party backup service, organizations can quickly restore critical data should an attack occur. Moving an organization to a cloud environment should immediately trigger the engagement of a 3rd-party backup solution and a full audit of all safety and privacy policies to protect the company, employees, and, most importantly, the customers.
Related Network Computing articles: