Audit, Update, and Enforce: How to Avoid This Preventable Google Groups Data Exposure

BetterCloud

August 2, 2017

Configure with caution. Unfortunately, that’s the lesson hundreds of companies just learned. A simple misconfiguration in the Google Admin console made headlines recently by exposing personally identifiable information (PII) and sensitive messages to the internet.

The mistake was straightforward.

Instead of configuring Google Groups to “Private,” admins — and likely end users with group creation privileges — at hundreds of companies set them to “Public on the Internet.” With this setting enabled, sensitive messages and information were made available to anyone with an internet connection.

To gain a better understanding of your domain’s Groups, and to ensure you avoid data exposures because of misconfigured group settings, we recommend the following steps. (Note: To perform these steps as described, you’ll need to be a BetterCloud customer.)

Phase 1: Audit and update Google Groups settings

A full audit of Groups will give you a holistic look at group settings, including who can join, view or post messages, invite others, and more. Using BetterCloud for G Suite, you can audit all your Groups by exporting them into a Google Sheet.

Step 1: Using BetterCloud for G Suite, navigate to “Explore” Groups.

If you are a BetterCloud customer, you can navigate directly to this link. Not a customer? You can install BetterCloud here for free.

Step 2: Export all Groups to a spreadsheet.

This will yield a comprehensive report showing every group in your domain. If necessary, you can use filtering to simplify the report. For example, if you manage multiple domains, you can filter to pull all the Groups for just one of the domains you manage.

Step 3: Filter and update group settings as you see fit.

After exporting the spreadsheet to Google Drive, use filters within Google Sheets to pinpoint at-risk Groups. You can then make bulk changes to group settings as needed.

Step 4: Upload the spreadsheet to BetterCloud to make the changes take effect.

Editing group settings in the spreadsheet doesn’t change anything within your domain. Only after you upload the edited spreadsheet back into BetterCloud will the changes be reflected in the Google Admin console. After uploading, you can check the “Activity Logs” to track the progress of the upload.
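
The filter-and-update pass from Steps 3 and 4 can also be scripted against the exported sheet. The sketch below is an added example, not BetterCloud code: it assumes the export is saved as CSV with columns named after the Google Groups Settings API fields (`email`, `whoCanViewGroup`, `whoCanJoin`), and both the replacement values and the list of intentionally public groups are assumptions to adjust.

```python
import csv
import io

# Risky value per field, mapped to the restrictive value written back.
# The replacement choices are assumptions; pick what your policy requires.
RISKY = {
    "whoCanViewGroup": {"ANYONE_CAN_VIEW": "ALL_MEMBERS_CAN_VIEW"},
    "whoCanJoin": {"ANYONE_CAN_JOIN": "INVITED_CAN_JOIN"},
}

# Constructed sample export; the column layout is assumed, not BetterCloud's.
SAMPLE_EXPORT = """email,whoCanViewGroup,whoCanJoin
hr@example.com,ANYONE_CAN_VIEW,INVITED_CAN_JOIN
eng@example.com,ALL_MEMBERS_CAN_VIEW,ANYONE_CAN_JOIN
press@example.com,ANYONE_CAN_VIEW,INVITED_CAN_JOIN
finance@example.com,ALL_MEMBERS_CAN_VIEW,INVITED_CAN_JOIN
"""


def audit_groups(csv_text, intentionally_public=()):
    """Return (findings, fixed_rows) for an exported group-settings sheet."""
    exempt = {g.strip().lower() for g in intentionally_public}
    findings, fixed_rows = [], []
    for row in csv.DictReader(io.StringIO(csv_text)):
        group = row["email"].strip().lower()
        fixed = dict(row)
        for field, replacements in RISKY.items():
            value = (row.get(field) or "").strip().upper()
            if value in replacements and group not in exempt:
                findings.append((group, field, value))
                fixed[field] = replacements[value]
        fixed_rows.append(fixed)
    return findings, fixed_rows


def to_csv(rows):
    """Serialize the corrected rows so they can be reviewed and re-uploaded."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=list(rows[0]), lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()


if __name__ == "__main__":
    found, fixed = audit_groups(SAMPLE_EXPORT, ["press@example.com"])
    for group, field, value in found:
        print(f"AT RISK {group}: {field}={value}")
    print(to_csv(fixed))
```

Groups that must stay public are passed in explicitly, so every other public group shows up as a finding instead of being silently skipped.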

Phase 2: Audit group membership to find and remove unnecessary external members.

Sometimes external group members are necessary, as is the case with contractors, consultants, or freelancers, but these people are typically invited to join Groups. However, many times admins forget to remove external members from internal Groups when their contract is up. This can lead to unwanted data exposure. These former workers may still be receiving emails or calendar invites. It is helpful, and many times absolutely necessary, to have a solid understanding of all the external group members within your domain.

Step 1: Use BetterCloud for G Suite to pull an external group member report.

This step will produce a report that shows the emails of every external group member.

Step 2: Jump into the new BetterCloud platform to quickly remove the external users from the group.

At the end of this GIF, you see Action Engine. It’s a new feature that puts powerful actions at your fingertips on almost every page in the new BetterCloud platform.
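
Once you have the external member report, the review itself comes down to two questions per address: is it really external, and is there still a reason for it to be there? The following added example (not BetterCloud code) shows one way to answer both. The internal domain, the approval register with contract end dates, and the sample rows are all constructed assumptions.

```python
from datetime import date

INTERNAL_DOMAINS = {"example.com"}  # assumed company domain(s)

# Constructed approval register: external address -> contract end date.
APPROVED_EXTERNAL = {
    "dana@contractor.example": date(2017, 12, 31),
    "lee@agency.example": date(2017, 6, 30),
}

# Constructed membership report rows: (group, member email).
SAMPLE_MEMBERS = [
    ("eng@example.com", "alice@example.com"),
    ("eng@example.com", "Dana@Contractor.example"),
    ("hr@example.com", "lee@agency.example"),
    ("hr@example.com", "bob@corp.example.com"),
    ("finance@example.com", "mallory@example.com.evil.example"),
    ("finance@example.com", "not-an-address"),
]


def is_internal(email, internal_domains=INTERNAL_DOMAINS):
    """True only for an internal domain or a subdomain of one.

    Compares the whole domain after the last '@'; a substring test would
    wrongly accept look-alikes such as example.com.evil.example.
    """
    local, sep, domain = email.strip().lower().rpartition("@")
    if not sep or not local or not domain:
        return False  # malformed entries are treated as external
    return any(domain == d or domain.endswith("." + d) for d in internal_domains)


def review_external_members(members, today, approved=APPROVED_EXTERNAL):
    """Return {group: [(email, reason)]} for members that should be removed."""
    to_remove = {}
    for group, email in members:
        addr = email.strip().lower()
        if is_internal(addr):
            continue
        end = approved.get(addr)
        if end is None:
            reason = "external, not approved"
        elif end < today:
            reason = f"contract ended {end.isoformat()}"
        else:
            continue  # approved and still under contract
        to_remove.setdefault(group, []).append((addr, reason))
    return to_remove
```

Calling `review_external_members(SAMPLE_MEMBERS, date.today())` returns the removal list per group, which can then be worked through in the admin tooling.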

Action Engine Remove External Members from Groups

Phase 3: Configure an automated policy to remediate misconfigurations and maintain proper group settings.

At some companies, admins allow end users to create Groups. Now, admins can allow this behavior without having to worry about data exposures as a result. The steps below enforce proper group settings and serve as a safeguard.

Step 1: Set up an Alert in BetterCloud for the “Anyone can View” setting.

We created a new Alert specifically to help prevent groups from accidentally being made public. Allowing anyone to view your Google Groups will make names and other information publicly available on the internet. If there is a group that you want to make sure is publicly visible, you can use thresholds and/or conditions to only trigger the Alert when necessary.

Step 2: Use the “Anyone can View” Alert as the trigger for a BetterCloud Workflow.

When triggered, this will change a group’s settings to your desired configuration. You can even send a message to yourself or transfer group ownership. In the example below, permission settings are altered automatically and admins can define a number of different properties (such as who exactly can view the group).

Step 3: Set up an Alert in the new BetterCloud platform for Groups set to “Anyone can Join.”

A dangerous group setting to look out for is the “Anyone can Join” option. This leaves your Groups vulnerable to snoopers and malicious attackers. Unfortunately, it doesn’t take much research to know how to find and join public Google Groups. An unwanted external group member that goes unnoticed may lead to intercepted sensitive communication and access to shared files. This Alert notifies admins whenever a Group is created or altered to allow anyone on the internet to join.

Step 4: Incorporate the “Anyone can Join” Alert into a Workflow.

These automations eliminate the need to constantly audit and update these two important Google Groups settings.

Too often, simple administrative errors can cause enormous headaches and even data exposures. The way forward is to create automated controls that eliminate the possibility of misconfigurations entirely.

Human error is inevitable, which is why it’s essential to put safeguards like the ones mentioned above in place.