A complete cloud system tends to make people dependent. Google G Suite requires a fast internet connection and the suite’s limitations are particularly noticeable when using mobile devices. However, if the connection is cut off, many functions have the option to switch to offline mode and to synchronize files at a later point.
If you don’t make local copies, they will only be stored by an external provider, in this case Google’s servers. Google employs security experts and, as a large corporation, has a sophisticated infrastructure in place to prevent data loss. However, even the best system is not 100% immune to technical glitches, temporary server downtime, data theft, or hacker attacks. Google also reserves the right to block the account for certain reasons – as a worst-case scenario solution.
As a G Suite user, you place sensitive data in the hands of the company and must trust that it is protected against unauthorized access because you can’t exactly exercise your own control. The fact is that your data will end up on potentially unsafe third-country servers to which different data regulations generally apply. Security certificates such as ISO 27001, which certifies that Google complies with international standards for IT security, are intended to remove such concerns. Nevertheless, the NSA affair, in particular, proved that secret services have no problem gaining access to data at server locations.
Additionally, Google’s data protection regulations are not completely transparent. This suggests that Google intends on retaining certain freedoms – after all, the processing of user data is Google’s largest business pillar. This regularly calls on data protection experts.
It is also important that you pay attention to data security within your own company. Although a one-time login may be practical, it does not pose a major hurdle for hackers. If the password is hacked or accidentally falls into the wrong hands, a lot of data is visible because it is all connected on Google G Suite. For increased security, Google alternatively offers multi-level authentication and other security features. The admin account allows users to change their credentials at any time. Mobile device management lets you back up data from mobile devices in the event one is lost. In some cases, G Suite also allows you to integrate external security tools. This applies, for example, to Gmail, where you can also use your own certificates for S/MIME encryption of e-mail correspondence.
It is also necessary internally to keep things private across different departments and levels, and to additionally protect particularly confidential data, especially personal data of customers and employees. To ensure this, you can define, for example, individual access rights for each user so that not everyone can view, edit, and download all documents.
The G Suite provides administrators with many options. Administrators can store employee chat logs and manage user accounts and personal data. G Suite claims to comply with EU data protection requirements. Nevertheless, it is advisable to have a legal expert check whether your own use of the platform complies with the GDPR. In addition, there are companies that have agreed their own contractual clauses with Google regarding data processing.