Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

9 Steps to Optimize Google Chrome for Google Apps Security


Published on

9 Steps to optimize Google Chrome for security of your Google Apps account.

Published in: Technology, News & Politics
  • Be the first to comment

9 Steps to Optimize Google Chrome for Google Apps Security

  2. 2. NINE STEPS TO OPTIMIZE GOOGLE CHROME FOR GOOGLE APPS SECURITY Backupify, Inc. 2 INTRODUCTION Google Chrome has been consistently rated as the safest consumer Web browser available today, but, to paraphrase a famous military scholar, no security survives contact with the user. Poor end-user habits and settings can compromise even the most secure browser. Below are some basic steps to ensure that Chrome isn't the weak link in your Google Apps security plan. BROWSER SETTINGS The first phase of improving Chrome's security profile is tweaking its native settings to avoid storing sensitive data, and to ensure you never surf to the more unsavory corners of the World Wide Web. 1. Make Sure Safe Browsing Is Enabled Chrome has a number of automatic Safe Browsing defenses against phishing and malware, most of which simply warn users against visiting pages with spoofed URLs or woefully out of date security certificates. Safe Browsing is enabled by default, but security begins by making sure it stays that way. 2. Block All Browser Cookies by Default While this will make the browser mildly less convenient by forcing the user to log in every time he or she reaches a site — including Google Apps — it will prevent any session from persisting after a browser tab is closed. This blocks both unwanted monitoring by third-party cookies and limits the possibility of tailgating attacks. 3. Block Saved Passwords Saved passwords are a risky convenience, as anyone with access to your browser — which is only a stolen laptop away — can subsequently access all your online accounts, Google Apps included. Moreover, hackers target the stored password file as a treasure trove of identity theft or intrusion ammunition. Disabling the saved
  3. 3. NINE STEPS TO OPTIMIZE GOOGLE CHROME FOR GOOGLE APPS SECURITY Backupify, Inc. 3 password function is perhaps the single most important step to take in protecting not just your Google Apps domain, but every one of your online accounts. 4. Disable Autofill Autofill data represents saved form data — addresses, phone numbers and email addresses — designed to make online sign-ups easier. While far less dangerous than saved passwords, autofill information is nonetheless a tempting target for hackers and laptop thieves alike, as it contains vital clues to the login information for your Google Apps domain (to say nothing of your online banking accounts). Disabling autofill keeps this information out of the browser. 5. Lock SafeSearch to Strict Chrome makes it trivially easy to employ Google Search, so those searches need to be as safe and secure as possible. Locking Chrome's native search functionality into SafeSearch mode ensures that no less-than-trustworthy sites are returned from any query, keeping the application that accesses your Google Apps domain that much further from any dangerous malware. SECURITY EXTENSIONS Chrome's native security measures are laudable, but you can double down on your defenses with carefully selected browser extensions. 6. Secbrowsing Plugin Version Checker The first step to safely using Chrome Extensions is to make sure those extensions are up to date, which is to say that all known security flaws have been patched. The Secbrowsing plugin ensures that any extension you're running is the latest, and thus likely the safest, version. 7. KB SSL Enforcer Secure Sockets Layer (HTTPS) browsing is fundamentally safer than standard web surfing, and most websites offer an SSL access option — provided you can find it. The KB SSL Enforcer defaults to the HTTPS address for every website that offers it,
  4. 4. NINE STEPS TO OPTIMIZE GOOGLE CHROME FOR GOOGLE APPS SECURITY Backupify, Inc. 4 including every core and non-core Google Apps service. Never transmit a password without SSL protection again. 8. View Thru URL Shortening Decoder Popular URL shortening services like and are often used to enable phishing attacks and malware installations by disguising unsafe web addresses. The View Thru extension allows you to verify the real, unshortened URL before you visit it, sidestepping these camouflage attempts. 9. PasswordFail Cleartext Password Alarm While virtually every web application requires you to create an account to use the service, a shocking number of these apps send and receive password information in dangerously insecure cleartext formats. While no Google Apps service makes this mistake, another web app's carelessness could compromise your browser and thus your Google Apps domain. The PasswordFail extension warns you off any web application that employs cleartext passwords, ensuring you never put your browser security in the hands of sloppy code. Implement these nine steps and Google Chrome's already stalwart security profile will be significantly stronger — and so will your Google Apps domain. ABOUT BACKUPIFY Backupify is the leading provider of backup and restore solutions for SaaS applications including Google Apps, Salesforce, Facebook, Twitter, and more. Backupify was founded in 2008 and is based in Cambridge, MA. Backupify has over 200,000 users trusting us with more than 500 million documents, two billion email messages and 350 terabytes of data. WHY BACKUP CLOUD DATA? Your data is one of the most critical assets of your business. Like any important asset, it should be insured. While most SaaS providers, including Google and Salesforce, offer state-of-the-art disaster recovery capabilities that protect you from some forms of data loss, you are still at risk for data loss due to user error,
  5. 5. NINE STEPS TO OPTIMIZE GOOGLE CHROME FOR GOOGLE APPS SECURITY Backupify, Inc. 5 hacked accounts and third-party application bugs. To fully replicate your on- premise backup capabilities in the cloud, you need the ability to perform granular restores, and to retain the control that comes from having your own secure second copy of the data in your SaaS applications. FIND OUT MORE If you're interested in the peace of mind you get from an automated Google Apps backup solution, feel free to contact us directly at  Web  Phone 1.800.571.4984  Twitter Backupify logo is a registered trademark or registered trademarks of Backupify, Inc. All other names may be the trademarks or registered trademarks of their respective owners. © 2012 Backupify, Inc. Item: GAT-WP-EN-200110608