Securing Your Google Account: The Unofficial Guide

Securing Your Google Account: The Unofficial Guide

If you use a computer today, there’s a fair chance that you have a Google account. The practicality that if offers with its comprehensive service offerings simply can’t be ignored. However, it is also important that a user’s, whether they utilize it for business or personal use,security isn’t ignored either.

Unfortunately, security is precisely what is often ignored, mainly due to ignorance as to why and how to secure their account. Here, we will cover both why a Google account absolutely must be locked down, and how to go about doing it.

What Makes a Google Account So Valuable

There is a huge discrepancy between the impression of what the Internet itself is for, and what it was actually created to do. While a great amount of the Internet is utilized as a means to store personal and private information, it was actually intended to share information as effectively as possible. The word Internet itself reflects that, derived from inter (reciprocal or shared) and network (a system of connected things).

From the very start, the Internet was meant to be an information dispersal tool, enabling anyone to access the knowledge they wanted. Back in 1962, MIT’s J.C.R. Licklider described a system he called the“Galactic Network” in a series of memos. The Galactic Network was meant to connect computers all around the world so that data and programs could be shared. Sir Tim Berners-Lee, the man credited with inventing the World Wide Web, did so based on the ideals of access and openness. As he put it:

“Had the technology been proprietary, and in my total control, it would probably not have taken off. You can’t propose that something be a universal space and at the same time keep control of it.”

This viewpoint informed the Internet as it largely exists today: a space where things can be shared, unfettered by any central point of control. This is the framework that the ideals of net neutrality and group participation flourish in, censorship stomped down through accessibility. It’s almost funny that we try to keep anything on the Internet a secret anymore, looking back at its original purpose.

Yet, as the Internet was leveraged for additional purposes, there was an increased need for privacy and security. Many communications shared online contain confidential information that needs to be shared exclusively with certain users. As a result, a new online environment emerged, where security measures restricted access to information to only those with the right credentials. This new approach has proved beneficial for businesses and individuals alike and is why Google has grown to offer what it does today.

Google’s Assorted Services

While Google originally started as a dissertation project by two PhD students at Stamford, its uses have expanded greatly in the years since. G Suite applications, like Google Drive, Google Docs, and others have assisted businesses greatly, while many private users have leveraged services like Google Maps and Google Drive for their own ends.

Perhaps most of all, users of all kinds have opened Gmail accounts, and have used these accounts to sign up for other assorted web services… and this is the where the potential problem lies.

How much do you rely on Google, in terms of accessing your online accounts? How much impact would the compromise of your Google account have?

It May Be More Than You’d First Think

Let’s look at the tendency to use a Gmail address whenever an email is required, or to save a password for easy access,or even to link a Google account to another profile. This all makes Google the most convenient option–if all you need is an email to create a profile, why not just use the one that you use for everything else?

Really, when all is said and done, Google is the choice that makes the most sense. Google offers reasonable security, and the other capabilities it offers deliver some compelling reasons to use it a soften as possible. However, there is a consideration that many overlook, to the potential detriment of the security of all of their accounts.

Setting up an account through Google means that account is only as secure as your Google account is.

Or in other words, if someone were to access your Google account, they have everything they need to access every account that you connected to Google in some way, shape, or form. This may mean more to you than you’d realize.

A Brief Demonstration

If you happen to be reading this on a desktop,go to your Google account by clicking here. Under Sign-in & security, click into Apps with account access. This will show you a list of all the applications with access to your Google account, along with a list of the websites that Google Smart Lock has your credentials to.

How long is your list? Does it happen to feature your bank?

If so, someone who gains access to your account could easily commit financial fraud. They could also use their access to your email to tell your bank that “you’ve” forgotten your password, resetting it and locking you out.

The Quandary

Unfortunately, the usefulness that Google delivers is too great to ignore as well, to the point that it is almost irresponsible to pass it up. This leaves us at an impasse of sorts–do we embrace convenience at the cost of security, or improve our security while sacrificing convenience?

The good news is, you don’t have to choose, as long as you have properly secured your Google account.

A daunting task, yes, but only because we have grown accustomed to Google providing one-click solutions. While there is no magic option that will keep you completely safe, securing a Google account is possible if the right precautions are taken.

Protecting Your Google Account

Again, these aren’t magic options, which means that that these aren’t solutions that will work indefinitely. Rather, they will require repeated activities over time. What follows are the steps you need to follow in order to protect your Google account, and by extension, your data.

Passwords and Account Security – Of course, this goes for all of your accounts, but because your Google account has so much tantalizing info in it for a hacker to leverage to their advantage you need to be extra careful in locking it down. Therefore, you need to ensure that access to it is sufficiently protected by a password in keeping with best practices, as well as the access point used to log into your account.

A good rule of thumb is to avoid using devices that are open to the public in order to access your accounts. This is because a cyber criminal may be able to access your account after you have finished your work, and the fact that these devices are petri dishes for cyber attacks doesn’t help either. Public Wi-Fi signals should be avoided for similar reasons. All the convenience in the world isn’t worth a security breach.

Two-Factor Authentication (2FA) – In addition to being smarter about how you access your Google account, you should establish additional requirements to make it more challenging to do so. Two-factor authentication can be a highly effective way to prevent unwanted access to an account, as long as it’s approached correctly.

The crux of the matter is this: not all two-factor is the same. If given the choice between a text-based 2FA solution or a mobile application like Google Authenticator, you should utilize the app. It will be the more secure option.

Furthermore, your Google account will give you access to a list of authentication codes that each have a one-time use. These can be used if you don’t happen to have your mobile device handy. Furthermore, these can be reset whenever you need to, so if you happen to lose the list, you don’t have to worry.

Log in to your Google account to set up these features and the others that are offered.

With the amount that the average Google account is linked to, it is paramount that its security is preserved. WheelHouse IT can help you preserve not only the sanctity of your Google account, but your entire IT infrastructure. Give us a call at (877) 771-2384 to learn more.

How to Keep Your Android Device Secure

How to Keep Your Android Device Secure

Mobile devices – like smartphones, tablets,and the like – are expected to be used by 2.87 billion people by 2020. That’s a lot of devices, with a good portion of them contributing to business operations. Unfortunately, that’s also a lot of potential security issues if the right preparations aren’t taken in advance.

Here, we’ll review some of these preparations so that you can enforce them among your business users. Keep in mind that these steps won’t make you impenetrable, they’ll just make you much less of a likely target for the opportunistic hacker.

Be Discerning

A lot of security issues that originate from mobile devices can be traced to the user simply allowing the wrong things onto their device. Connecting to public Wi-Fi and using apps that don’t come from the official Play Store are common mistakes that users make.

The problem here is that these activities leave your phone unprotected from abuse, when there are alternatives that don’t. For instance, instead of connecting to some public Wi-Fi signal, use a Virtual Private Network to do so instead. Rely exclusively on the Play Store to source your mobile applications, as outside sources simply can’t be trusted.

Even the Play Store has had some issues with malicious apps sneaking onto their platform, so how many do you think are waiting elsewhere that don’t uphold the standards that Google does?

As an added measure, don’t leave apps that you just don’t use on your phone, either. While most app developers are pretty good about updating their security, more apps ultimately mean more potential access points for an attack.

Be Proactive

While an attack may not be apparently imminent, it never hurts to be prepared for one anyways. If you don’t need a Bluetooth connection at the moment, or an Internet connection, all that leaving them active is will do is leave an access point for an attack to sneak in by.

You should also be sure to install and activate a few additional safety measures, like encryption (able to be found by navigating Settings > Security > Encrypt Device) and two-factor authentication (able to be found by logging into your Google account and accessing the two-step verification page).

Leveraging anti-virus and Virtual Private Network services are also recommended (many free antivirus solutions on the Play Store work fine, just make sure you invest in a good VPN service).

Be Practical

Practicality is any business’ best friend, as it optimizes processes through basic simplicity. What’s the simplest way to secure your mobile device? The answer is simple: lock it.

You need to make sure that you have some form of authentication protecting your device. Neglecting this is not only impractical, it’s irresponsible.

WheelHouse IT can assist you in putting all of these measures, and many more, in place. Reach out to us at (877) 771-2384 today.

How to Select a Phone Solution (and How to Properly Use It)

How to Select a Phone Solution (and How to Properly Use It)

Considering how long we’ve had access to the basic technology, telephones (and proper telephone etiquette while using them) haven’t changed all that much on the surface. What has changed is how the technology fundamentally works, and the options that are available for businesses.

Here, we’ll go over some of the options today’s businesses have.

Selecting the Type of Phone to Use

While many may be tempted to eschew the incorporation of telephony in their business, this temptation should be resisted. After all, most businesses still rely on a phone for communication purposes, so any business that doesn’t have one is cutting off a valuable source of client communications. This also makes the decision of what kind of phone to utilize an extremely important one.

There are a variety of options that a business has when selecting a phone to use, each with its own pros and cons. Admittedly, some of these options have slowly had their benefits phased out by current trends and through the introduction (and improvement) of these benefits by other approaches.

Landline

This is the phone system that, until relatively recently, was the option for anyone who wished to use the telephone. Utilizing the connections provided by the telephone company, a company would need to host PBX (or private branch exchange) hardware on their premises. A PBX system would allow for the creation of the company’s needed extensions as well as the incorporation of many of the business’ necessary telephone functions, including directories and call transferring.

While there is a high comfort level with these solutions, many service providers are gradually abandoning landlines, and the Internet access speeds that many companies require have allowed them to explore other options more easily.

Virtual Phone

Virtual phone systems can often be the middle ground between traditional telephony and a VoIP solution. With incoming calls potentially processed through traditional telephony and forwarded to employees through VoIP solutions, the features of this kind of system can give a business that relies heavily on its remote employees a means of unifying their communications, as well as some advanced features bundled in.

VoIP

A VoIP (Voice over Internet Protocol) system is one that eliminates the need for traditional telephony entirely. Instead, VoIP utilizes the Internet connection that your business already needs for the rest of its tasks, or can be leveraged as an app on a smartphone. In addition, most VoIP solutions include the same enhanced features that a business would need, for a much more affordable cost. These can be leveraged in two ways, though an on-premise system, or through a cloud-based service. Each approach has its own pros and cons.

An in-house system will initially cost your business a tidy expense, as the equipment needed to host the system itself is not cheap. Furthermore, you will need to pay a monthly fee for the necessary components that allow you to make calls. Any maintenance or upgrades will fall to your staff, and will require some skill.

However, this also means that you are in complete and total control of your business telephony.

Utilizing a cloud-hosted system will mean that everything is handled for you – you may not need to buy hardware, and you don’t have any maintenance to worry about. This also means that if your phone system goes down, your provider is the only one who can do anything about it. You’re also susceptible to Internet outages, as that is what allows the system to function.

Despite all this, VoIP is a very reliable solution (especially with a good service level agreement), with little that you have to worry about besides the monthly bill.

At WheelHouse IT, we have the expertise to recommend and implement the right phone system for you. Call (877) 771-2384 for more information.

How to Keep Your Kids Safe from Devices (and Vice Versa)

How to Keep Your Kids Safe from Devices (and Vice Versa)

It is no secret that kids these days have more access to technology than any generation before them. While this access can truly help to enrich their lives if leveraged properly, it can also have serious ramifications if it isn’t checked.

Many apps that are available on the various app stores out there are simply inappropriate for children to interact with,and many can leave them vulnerable to criminal acts.

Therefore, as they use their mobile devices,it is important that the adults in their life step in and create some common-sense boundaries. Here, we’ll go over some problematic apps that should probably be avoided, and some means of ensuring that these common-sense boundaries are enforced.

Apps to Watch Out For

There are a variety of applications that can prove problematic if children utilize them, for numerous reasons. Obviously, there are the dangers of anonymous, randomized chat and video applications, like Omegle, and their capability to connect children with predatory adults. Even Omegle has acknowledged this, their homepage itself cautioning users to “be careful” for exactly this reason.

Another app, Yubo (formerly known as Yellow),is supposed to be a friend-making application, using a Tinder-like swipe interface to connect teens. However, not only can this app be used as a means to misrepresent oneself, the Tinder-like interface also allows it to be used like Tinder. Worse, also like Tinder, this application bases its results on the user’s location, allowing for relatively simple real-life meetings.

Sarahah was originally intended to be an app that could be used to provide anonymous feedback and encouragement in the workplace. However, it was quickly adopted as a means for cyber bullying, and proved to be so effective that it was pulled from app stores – but not necessarily deleted from devices.

There are other examples as well – for instance, the application Vora was meant to assist those who were practicing intermittent fasting to track their time but was quickly adopted by teens who have anorexia and other eating disorders. Other apps are also commonly used by the “pro-ana” audience, including MyFitnessPal and Carrot Fit (which, if comparing a “carrot” to the “stick” approach, ironically uses more of a “stick”approach to dieting).

Even popular sites like Reddit can easily become an issue when kids are involved. There are plenty of subreddits dedicated to materials that are by no means appropriate for children, including pornography. While the app does state that users must be 18 years of age or older, there is no built-in means of preventing someone younger from confirming that.

In addition to these issues, many apps are little more than just delivery systems for malware and other problems.

What You Can Do

If you have a child or teen in your life that you are responsible for, there are a few different approaches you can take to protect them from this access.

Talk to Them

Yeah, it’s a cliché, but sometimes the most effective way to get through to a kid is to have a frank and honest discussion with them. Discussing some best practices about computer safety and making sure they know that many apps can’t be trusted might just be enough to get them to pay closer attention to what they are doing.

Set Controls

While it is important to trust, it is also important to eliminate temptation as much as possible. As a result, Google has incorporated a few safeguards that parents and guardians have the option to choose from.

The Google Play Store contains media of all kinds, from applications, books, and video content. On a child’s device, a guardian can set limits on Play Store app downloads. By accessing the Play Store, and from there, the hamburger menu (the three horizontal lines at the top left), and then Settings. Under User controls, you will find the Parental controls option. Switching this option on will prompt you to create a PIN and confirm it. After this has been completed, you can set your preferred age restrictions for which content can be downloaded. Make sure you hit Save before exiting out.

Windows 10 also allows you to create a specialized account for a child you are responsible for, which allows you to check in on their recent activities or schedule the amount of time they are permitted to use the device each day. Furthermore, you can restrict the content they are able to access and require every purchase (except those made with gift cards) from the Microsoft Store to receive your stamp of approval before proceeding.

To create this account, click on Settings > Accounts > Family and other people > Add a family member > Add a child. You can then either set up an account with an email address, or it the child doesn’t have an email address of their own, follow the appropriate link and create the account through the Setup Wizard.

Use Family Link

Family Link is an application that allows a parent or guardian an added level of management over a child’s device. It provides the capability to block certain apps and require permission for any downloads from the Play Store to complete, set screen time limits for the device, and manage settings on Google Search and YouTube Kids. Guardians can also use Family Link to remotely lock a child’s device and locate them as necessary.

If you implement a BYOD policy at work, make sure you also discuss the prospect of your child using the device with management. After all, you wouldn’t want an inquisitive kid somehow getting into company documents and messing them up.Just like you can protect your kids’ use of devices at home, WheelHouse IT can protect your use of devices in the workplace. Reach out to learn more by calling (877) 771-2384.