This course is designed for Google Apps administrators who wish to reinforce security for their domain with Google Apps. The class covers concepts and practices through exercises that will be supported by the instructor. This course focuses specifically on the following items:

Google Apps Admin Console

Strengthen Security Google Apps

The Administrators will learn through lectures and hands-on labs to reinforce the concepts of Google Apps Security, which will support them in the day to day operations in the company.

Skills taught

You will be able to:

• Analyze current security situation on your domain

• Take the necessary measures to strengthen the security of your domain

• Determine if there is some spoofing situation in your domain and fix it

• Understand and apply digital signature to emails from your domain, avoiding any malicious attack to steal information (man-in-the-middle attack)

Prerequisites

The prerequisites for this course include:

• Intermediate knowledge in managing the Google Apps Admin Console.

• Basic knowledge on SSL, blacklist and whitelist.

• Public DNS records management

• IP ranges management

Course Outline

• High priority

• Set SPF record for the domain

• Authentication emails through DKIM digital signing

• Analyze headers of suspicious e-mail

• Ensure that the NS records point to a single DNS provider

• Delete sign-in cookies of one account when unusual activity is perceived.

• Change user password

• Revoke access for any third-party applications within the domain account.

• Check if the domain is blacklisted anywhere

• Restrict access to Google Apps based on IPs and time.

• Medium priority

• Enable SSL for the domain

• Using two-step authentication for the domain

• Generate specific passwords for certain applications when you are using two-step authentication.

• Establish management policies and structure of passwords

• Low priority

• Configure blacklists for the domain

• Configure whitelists for the domain

Audience