Data security and compliance are imperative for schools harnessing the collaborative power of Google Workspace. Syscloud is a Marketplace cloud APP that you can install on your Google Workspace domain that will check all of your live data to ensure drive security and compliance. SysCloud is comprised of two modules (Backup and Security/Compliance/APPS Firewall) that can be purchased either together or individually and accessed in one platform.
The backup module provides a secondary copy of your G Suite data and allows simple click to restore functionality while protecting Drive, Gmail, Calendar, Contacts, and Sites. Yes, you should have Backup even if you have Vault enabled as your data is too important to not have a copy that is independent of Google. Although Backup is a part of the solution, in today’s post, we will be focusing on the security benefits of SysCloud Security/Compliance/APPs Firewall.
The Security/Compliance/APPs Firewall, will ensure your Drive data is safe by setting policies to alert administrators for inappropriate data sharing, among many other useful capabilities, read on to learn more about how SysCloud can ensure data security across your Google Workspace domain.
10 ways to ensure data security with SysCloud:
1. Are you concerned sensitive data has left your Google Workspace domain?
Gain actionable insights into all of the data that has been shared across your entire domain both internally and externally. Drill into each info card to see which files are being shared, removing any external users that should not have access. Sensitive content remains with users who should have access.
2. Do you have a need to password protect and encrypt files?
Encrypt files and password protect your most sensitive files and folders within Drive. In order to easily encrypt your files and folders, you just right click and choose to open with SysCloud File Encryption. Users outside of your Google Workspace domain can also access the encrypted files if they have the password, they will just need to use the free view file app from Syscloud. This is worthwhile if you have inside or outside entities that frequently share sensitive material (ex. School Resource officer, Child Psychologists, local community colleges). Accidental sharing is easy to do with Google, encryption stops accidents as you’d need to share a file AND give out a password by mistake.
3. Are you concerned that your staff is inadvertently sharing FERPA and PII data?
Set up a policy to alert you when FERPA or PII leaves your domain- whether it is through sharing of Drive documents or as a Gmail attachment. Take action on items that should not be accessible externally by removing the inappropriate sharing with one click.
4. Is it possible that financial information and employee information has left your domain?
If so, would you even know it was shared inappropriately unless it created an issue? It’s much easier to be proactive when identifying district credit card exposure. Create a Data Loss Prevention policy to monitor for exposed social security numbers or credit card numbers.
5. Does your district protect employee and student ID numbers that are unique to your district?
If your school district is protective over student and staff ID numbers, there is the ability to create custom regex patterns and place them within a policy to be alerted when they are incorrectly shared.
6. What Third Party Apps have been given access to users’ data?
Use the Third Party Apps report within the APPs Firewall section to get a list of all of the Apps that have been installed across your entire domain, including the list of users who have installed the APP and the ability to message the user. You also have the ability to revoke any unwanted authentication to unsanctioned APPs your users may be using their school-assigned Google Workspace account.
7. What method do you use to revoke any unwanted third party authentication?
Revoke any unwanted authentication to unsanctioned APPs your users may be using their school-assigned Google Workspace account and create a policy to blacklist the APP. Even if you already manage Apps in the Admin console to the degree you only allow the ones installed at the district level, an APPs firewall with stop any unwanted OAuth activity from your district accounts. Anytime a platform gives you the capability to sign in with Google and users choose their school account, their account data has been accessed.
8. Do you find you need to change ownership of drive files and/or folders?
Take control over Drive files and folders and change ownership without logging into the Google Admin console and changing users’ passwords. Use the search function to pinpoint the document and take control. Next, you can give access to anyone who needs it or just remove access from the original owner, this is especially useful when a student has created something they shouldn’t have.
9. How educated is your staff on appropriate sharing practices?
Syscloud allows you to automatically send out custom messages to end users who violate policies. You can provide them with a gentle reminder of what is acceptable use by linking any pertinent district resources and messaging. Even a gentle reminder can prompt users to pause and think about their sharing habits. This makes the service scale well in larger districts.
10. Are you using a keyword list in your admin console in hopes of catching students cyberbullying or making life threats?
SysCloud offers scanning of Gmail, Chat, Drive, and Sites to find and alert IT admins and those with delegated access of cyberbullying and life threats. Recognizing the vast majority of students using Google Workspace for Education communicate within Docs and Gmail, it’s helpful to be alerted when/if issues arise, allowing schools to be proactive when dealing with mental health or disciplinary issues.
How is SysCloud different than its competitors?
SysCloud is K-12 friendly, with pre-built template specific to education. Unlike some of the other products on the market today, SysCloud also scans Gmail- both the body of the email and any attachment. Other services, such as Cloudlock, have discontinued their support of drive file encryption and only support Drive, leaving a huge vulnerability with data leaving through Gmail. If you are a current Cloudlock customer, we urge you to get in touch with us to see if we can save you money and increase functionality of your drive compliance tool. We have extensive experience migrating customers from Cloudlock to SysCloud seamlessly, with support to your district along the way.
After reading through the ten questions posed in this article, could you easily accomplish most of those tasks with your current Google Workspace toolkit? Eager to check out the threats that are lurking within your Google Workspace domain and want to start a trial now?
Book a call with our partnership manager, Catherine Weers, who can walk you through a deeper dive of the product, start you with a trial, grab you pricing, and answer any questions you and your team may have. If you schedule some time, we strongly encourage you to invite any pertinent stakeholders in from your school district. Let us help you plan for a more secure Google Workspace experience with SysCloud.
Find this article useful? Share it!
About the Author:
Catherine Weers joined the Amplified IT team in 2017 after 13 years working in Public Schools as an educator and Technology Coordinator. She has a rich history in Educational Technology. Today, she is the Partnership Manager where she is in charge of ensuring schools get the right tools to fit their individual needs in security, Chromebook management, web filtering, backup solutions and much more. She is your #1 resource so feel free to ping her and chat about how she can help your district find the right fit.