Showing posts with label Encryption. Show all posts

Friday, March 31, 2017

Here's an even beefier tier of G Suite!

Most of us know that G Suite is offered in two tiers: Basic and Business. Announced January 31st of this year, G Suite is now available at a premium level: G Suite Enterprise. Here's a quick breakdown of the respective tiers:

G Suite Basic is a professional office suite of collaborative productivity apps that offers your business professional email, shared calendars, online document editing and storage, video meetings, and much more. Basic is offered at $5 per user per month.

G Suite Business is the enhanced office suite. In addition to everything available in G Suite Basic, it includes unlimited Google Drive storage and Google Vault for everyone in your organization, plus additional Drive administration, auditing, and reporting features. Business is offered at $10 per user per month.

G Suite Enterprise is the new premium office suite. In addition to everything available in G Suite Business, it includes advanced administrator controls and customization features. Enterprise is offered at $25 per user per month.

Although many small to medium-sized businesses may not consider the Enterprise tier, it's a value-packed and full-featured version of G Suite from all angles. To start, administrators on an Enterprise subscription get the following abilities:
Google is extending DLP (data loss prevention) to Google Drive, making it even easier for admins to secure sensitive data, control what content can be stored, and protect users from accidentally sharing confidential information externally.
In addition to these administrative features, Enterprise users get data loss prevention for Gmail and Drive to prevent leakage of sensitive data, such as credit card numbers, via emails or Drive. Users can set up policy-based actions to notify the admin, add warnings to message headers, or block emails from being sent when sensitive content is detected. Over 50 detectors for sensitive content matching are available with custom rules to provide warnings or block sharing. Enterprise also allows you to integrate Gmail with third-party archiving tools to help you meet complex email compliance requirements; this goes beyond archiving with the Google Vault service. These are definitely premium features, but one of our favourites is the ability to use dial-in numbers for Google Hangouts/Meetings so team members on the road can feel connected and productive in meetings despite Wi-Fi or data issues.

The new tier is definitely great for businesses, but is also ideal for Education, Government, and even non-profits. With the new Enterprise tier, Google brings all of the great services from its other G Suite tiers, along with a few new ones of its own, to really meet the needs of organizations that require the above and beyond. Find more details on Enterprise here: https://gsuite.google.com/solutions/enterprise/

InterlockIT is pleased to announce that Google is now offering discounts of up to 40% on upgrades to Enterprise for existing G Suite Basic and Business customers (some conditions apply). This offer is valid until June 30, 2017, so hurry up and get in touch with us today to learn more!

Thursday, October 29, 2015

Phishing - Avoiding malicious emails and links

Phishing attacks trick users into sharing personal information online and are typically done through email, ads, or compromised sites that look similar to sites that you may already use. What we see in our customer base are Google Apps and Gmail accounts that get hijacked and then used to send emails to compromise more accounts. This normally happens when an end user enters their email address and password into a malicious website from an email link supposedly from a coworker or trusted source. Often this is a faked page that uses legitimate logos and text, but normally with errors that may raise red flags for you. Phishing emails are also sometimes personalized, which makes it more difficult for the recipient of the email to assess credibility.

An example of a malicious website from an email link. It may look legitimate, but the URL shows it's a hacked website.

There are a number of ways users can protect themselves and their organization from falling victim to phishing attacks. The best way is to turn on two-step verification. Enabling two-step verification will require the user to authenticate beyond a username and password. It's an extra step, but it ensures that the account is extremely difficult to compromise because even if an attacker has your username and password, they are unable to access your account without a unique, time-sensitive code. Here is how you can enable two-step verification for your Google Account.

Phishing is often successful when a user becomes complacent and too busy or rushed to bother checking the source of an email or site. Being aware and diligent, especially towards unexpected emails or attachments, can help you recognize when you are being targeted for phishing. Always confirm that the URL corresponds to the site you're expecting to see, and before you enter your credentials, be sure to check for a trusted domain like google.com or facebook.com and that it's not something like google.xyzname.com or facebook.xyzname.com. If you are the slightest bit unsure, don't enter your login information and contact the person who sent you the email.

Another way to ensure the legitimacy of a site is to check whether the URL begins with https:// (s for secure) and has a lock symbol next to it. The lock means that the site is encrypted, which doesn't necessarily mean it's not hacked, but is a dead giveaway if it is missing.

Many account hijackers will email your contacts attempting to also gain access to their accounts, and then delete all your contacts. To add to the maliciousness, email filters may be used so that you don't see emails from people telling you your account has been compromised.


This phishing website attempts to trick users into giving away their login credentials and propagates by email. Users tend to log in without actually looking at the URL first. We've reported the link and Chrome has already blocked it.

Tip: Always check the URL in your address bar, because if it's not from a legitimate root domain like google.com, it could be malicious.
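The domain and https:// checks described in this post can be automated, for example in a mail filter or a help-desk triage script. The sketch below is an added example, not part of the original post; the trusted-domain list, the function name `check_login_url` and the sample links are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the domains your organization actually signs in to.
TRUSTED_DOMAINS = {"google.com", "facebook.com"}


def check_login_url(url, trusted=TRUSTED_DOMAINS):
    """Return (verdict, reason) for a link that asks for credentials."""
    parts = urlsplit(url.strip())
    # .hostname is lower-cased and excludes any port or user@ prefix.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "block", "no host in URL"

    # The page must be on a trusted domain itself or on a subdomain of it.
    # Matching ".google.com" at the END of the host is what separates
    # accounts.google.com from google.xyzname.com.
    owner = next((d for d in trusted
                  if host == d or host.endswith("." + d)), None)
    if owner is None:
        # A trusted brand used as a label of someone else's domain is the
        # look-alike pattern described in the post.
        brands = {d.split(".")[0] for d in trusted}
        labels = set(host.split("."))
        if brands & labels:
            return "block", f"look-alike: brand name inside {host}"
        return "block", f"{host} is not a trusted domain"

    # Right domain, but the lock is missing: credentials would travel in clear.
    if parts.scheme != "https":
        return "block", f"{owner} page not served over https"
    return "allow", f"https page on {owner}"


# Constructed sample links (not taken from any real campaign).
SAMPLES = [
    "https://accounts.google.com/signin",
    "https://google.xyzname.com/signin",
    "http://facebook.com/login",
    "https://FACEBOOK.com./login",
    "https://docs-share.example.net/view",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", *check_login_url(link))
```

Note that the look-alike link is blocked even though it uses https://, which matches the point above that the lock alone does not prove a site is legitimate.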

If you do come across a malicious site or link, do not forget to report it. You can follow common advice by "reporting to an appropriate party" but they typically do nothing. Take action and save your coworkers, family and friends from the bad guys by immediately submitting malicious links to Google. Often within as little as an hour of filing the report, the site will get blocked from Google search and Google Chrome. Firefox is relatively fast also, but Internet Explorer can take weeks to start blocking it.

Lastly, virus scanners rarely catch much in our experience but are still a necessary protection for the occasional time they do prevent problems. We recommend Symantec Endpoint Protection because it provides a cloud-based console for monitoring your protection status across the company.


Unfortunately phishing sites still increasingly trick many users into surrendering their personal information and credentials. Hopefully this post has shed light on how you can help yourself and others avoid becoming victims of phishing. For all your technical assistance and needs with Google Apps, make sure to contact our InterlockIT team!

Friday, April 11, 2014

The Heartbleed bug and why a secure password matters even more now

In early April 2014, a huge vulnerability was uncovered in a cryptographic software library used by an estimated two-thirds of web servers currently in use around the world. This vulnerability allows an attacker to request data from the memory of any server that uses OpenSSL and potentially read unencrypted passwords, confidential or sensitive information, e-mails, or anything else the server happens to return.

According to Ars Technica:
"The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website's entire cryptographic certificate."

Just how bad is this bug? Mark Loman, a malware and security researcher at SurfRight, tested a few public servers after hearing early reports of this bug and noticed that plain text usernames and passwords were being returned to him by Yahoo Mail, one of the world's most widely-used webmail services. Further investigation showed that Flickr, Tumblr, and a number of other Yahoo properties were vulnerable, potentially exposing millions of users to account compromises.

Mark posted a pair of screenshots to Twitter that show account credentials in plain text (see below). Mark courteously obscured the usernames and passwords affected, but it's not hard to imagine other people being somewhat less polite.


Tell me the truth, doctor, how bad is it?

On a scale of 1 to 10, the general consensus is 11. Remember, the servers involved have potentially been leaking their private security keys which means anyone can 'fake' being them, and you'd have no way of knowing for sure.

What does this mean for me?

If you're a systems administrator who controls a number of servers, it means lots of work to get everything patched and authenticating properly again.

One option is to start using a password manager. So many web servers use OpenSSL that it's likely some service you've encountered at some point will be compromised. Limit the attack vectors to your accounts by using unique passwords, and even if someone gains access to that forgotten account you set up once, they won't get access to that important account that you use every day.

Also use two-factor authentication wherever you can. Two-factor authentication protects you even in the event that someone does manage to get your password by requiring a second, randomly-generated "token" that expires every 45 seconds or so to allow you to access your account.

Thankfully, if you use Google Apps or Microsoft Office 365, you're safe. Microsoft doesn't use OpenSSL and instead relies on its own encryption mechanism, and Google Apps/Gmail has been using forward secrecy since November 2011. Google is patching other services affected by the Heartbleed bug, but it never hurts to change your password regularly.