Financial Companies Seize Path to the Cloud
When Board meetings within the Financial Services sector start addressing the subject of migrating to the Cloud you can be sure that this technology has matured to provide a credible improvement on legacy infrastructure. So much so, that we have recently helped multiple financial companies gain FCA approval by leveraging the powerful security features within Google Workspace.
Highly regulated companies such as HSBC, ABN Amro, Allianz and Paypal have all taken the plunge and invested in Google Cloud & Google Workspace FCA-compliant tools.
What did these companies consider in this process, though, and how can it be applied to yours?
Securing company data
Unfortunately, it is almost impossible to prevent your employees’ mobile devices from being lost or getting stolen from time to time. When these incidents occur, it does not have to be such a worry.
Google Workspace keeps your company’s data secure with mobile device management (MDM) policies. With basic management, you can ensure that mobile devices require screen locks and/or strong passwords on your employees’ devices, keeping your corporate data secure. In addition, Workspace allows you to erase confidential business data with a device wipe, or selected account wipe for Android or iOS. You can see the list of devices that are accessing corporate data in the Google Admin console.
Google Workspace's Mobile Device Management means that you can manage, secure and monitor all mobile devices that are in your organisation. It is possible to manage a range of devices, including phones, tablets, and even smartwatches. People are still able to use their own personal devices for work (BYOD) as you will be able to wipe their corporate accounts on their devices, should the worst happen.
So, how does Google Workspace protect my data?
When you decide that you would like to store your data with Google Workspace, it is then protected in a number of different ways. This includes advanced phishing detection with the aid of machine learning, authentication with security key enforcement and also prevention of data leakage.
Due to Workspace being a 100% cloud-based system, it means you can be protected from attacks such as Ransomware, viruses, and malware. There is no need to install a separate system for spam processing because Gmail uses Machine Learning to automatically filter any spam and to scan all emails for suspicious and dangerous content. The Workspace administrator can also control all attachments sent and received by your organisation so that nobody opens or sends anything that they shouldn’t.
Other security-centric features include:
- Confidential Mode - users can help protect sensitive information from unauthorised access using Gmail confidential mode. Recipients of messages in confidential mode don't have the option to forward, copy, print, or download messages, including attachments. Users can set a message expiration date, revoke message access at any time, and require an SMS verification code to access messages.
- Data Loss Prevention (DLP) - analyses the files in your organization’s Team Drives for sensitive content. You can set up policy-based actions that will be triggered when any sensitive content is detected.
- Gmail Security Sandbox - a sandbox detects the presence of previously unknown malware in attachments by virtually "executing" them in a private, secure sandbox environment and analyzing the side effects on the operating system to determine malicious behaviour.
2 Factor Authentication keeps your data secure
Using 2 Factor Authentication (2FA) provides users with a better option to secure their accounts. As well as 2FA over an encrypted connection, users can also block unauthorized access to their accounts with Google Prompt, which delivers real-time prompts, telling the user when they have logged into a device.
This update comes through as a pop-up notification on the Google app. This allows users to answer “yes” or “no” when asked, “are you logging in?”
Allied to that, additional control can be gained from deploying Cloud Identity. For full details, please click here.
Automatic rules ensure Google Workspace FCA compliance
There are now new device rules for Device Management, which allows G Suite admins to define custom rules that create triggers for certain actions or events. For example, if something occurs on one of your company’s devices that’s been specified in a custom rule, the corresponding action that’s been set will automatically be carried out. Some of these rules include;
- Approve select mobile devices when the device is enrolled.
- Block access to corporate data if a specific app is installed.
- Block access to account/wipe the device if the user has more than 5 failed screen unlock attempts.
- Block access to/wipe the account if there is suspicious activity found on the device.
3rd Party App Control
Google can also protect your data against phishing attacks. Google provides 3rd party control with OAuth apps whitelisting. This gives your company extra control over 3rd party applications that have access to your data. It is now possible for admins to specifically select which apps can have access to which users' Google Workspace data. This keeps your data safe as it ensures that your users don’t accidentally grant access to apps that may be malicious.
Google Cloud & Google Workspace FCA Accreditations
As if that wasn’t enough, Google Cloud Platform has been awarded independent security standards, including ISO27001 and ISO27017 (see the full list here)
And finally, a quote from the CIO of HSBC -
“We have peace of mind knowing that Google Cloud takes security and compliance very seriously”Group CIO, HSBC (2018)
We are always happy to talk through your requirements here at Cobry, and we may even be able to give you a free IT security checkup in the process to help you with your Workspace FCA compliance!