Multi Factor Authentication For G Suite

admin Cloud Security Expert - CloudCodes Software
  • May 31st, 2018

Multi Factor Authentication For G Suite

Multi-Factor Authentication

Multi Factor Authentication (MFA) is a method of cloud security for confirming the user identity wherein the user is granted access to a login or transaction only after his successful presentation for two or more steps of factors to an authentication mechanism. This is deployed across enterprises so that the user credentials stay safe & secure, and there are no chances of any intrusions by cyber criminals. Multi Factor Authentication for G Suite enhances cloud data security, which is a feature that can be availed by deploying an appropriate CASB solution that has this feature included in its feature-set.

Using Multi-Factor Authentication To Protect Your Enterprise

Any enterprise that is having data security as its primary agenda can improve its cloud security by deploying Multi Factor Authentication. The primary email and collaboration platform like G Suite support (Multi-Factor Authentication) MFA and it would be in the best interest of the organizations to turn it on and enforce it wherever applicable. Statistics show that a poor 37% of the employees in an enterprise use MFA on their email and G Suite accounts. For smaller enterprises, the figure gets even worse with only 22% of the employees using MFA that translates to less than even 50 people having it enabled. Multi Factor Authentication for G Suite greatly helps corporate houses in reducing the credential stealing, but still they lag behind in its implementation. Around 63% of the stolen data is mainly due to weak passwords and credentials and so it is time that enterprises think about their cloud security on Google Apps for work.

The Importance Of Multi-Factor Authentication For Enterprises

Multi Factor Authentication i.e. MFA or the two-factor authentication (2FA) as it often referred to works on the principle of having multiple types of identification. This is of great help when any unknown user attempts to login using stolen credential like username and password. MFA always has two layers of authentication and this is done so as to make the chances of credential theft and forgery significantly harder and at the same time make it user-friendly and less annoying to the user (not to drive the users insane with more than two authentication factors.) The commonest types of authentication that the user will be asked to provide are as follows:

  • Knowledge- Something within the user’s knowledge like password or a passphrase.
  • Possession- Something which the user has access to like a mobile. The user will receive one-time-use codes or one time passwords i.e. OTP on their mobiles that serve as the second level of identification.
  • Inherence- Something that is unique to every individual user like biometrics. Retina, face and fingerprint scan are the popular ones.

While the knowledge and possession combination is the widely used ones, there are enterprises that rely on the inherence combination also. It is proven that with MFA in place, it becomes hard for the cyber criminals to break into your accounts by stealing the credentials. Many of the SaaS products support Google Single Sign-On (SSO), which means that, users can benefit if MFA is activated.

Implementing Multi-Factor Authentication For G Suite

Google has vastly improved the process of deploying Multi Factor Authentication for G Suite across enterprises for their work. Here are the steps required for the process:

  • Set up Two-Factor Verification for the domain that you need to protect
  • Turn on the Two-Step Verification Enforcement for that domain
  • G Suite provides a work-around for employees and contractors separately
  • For the new employees
    • Go to Security -> Advanced Security Settings
    • Here under the 2-Step Verification, you can set an enrollment period after a new account is created
  • Create an ‘Exception group’ for the contractors. This even though consumes a little time and effort, is worth it, as it will allow the members of that group to login without 2-Step Verification
  • On mobile devices, Google’s default Second-Factor Authentication is the Google app that works in a very user-friendly way. A notification pops on the mobile device asking whether the user has approved the sign-in. this is simple and secure and is better than the SMS-based second factor

CASB Solutions Offers Feature Of Multi Factor Authentication For G Suite

CASB Solutions have many features that help in curbing any nuisances of potential data thefts or data breaches etc., and one of these features included in the feature set of many CASB vendor solutions is that of Multi Factor Authentication for G Suite.