Security Hints & Tips: Google Groups – Do’s and Don’ts

Do’s

• Do Set Permissions Carefully
  • Limit the number of members with “Owner” or “Manager” roles. Only grant these permissions to those who truly need them.
• Do Restrict Group Visibility
  • For sensitive groups, set visibility to “Private” or “Restricted” to control who can find and access the group.
• Do Moderate Messages from New Members
  • Use moderation for new or unknown members to prevent spam, phishing, and unauthorized sharing of links or attachments.
• Do Regular Security Reviews
  • Conduct regular security audits of group permissions, member access, and visibility settings to ensure ongoing protection.

MGC CYBER
HEROES

Every month, our incredible users spot hundreds of phishing emails using the Phish Alert Button (PAB). Recently, Ruth Zastre from the MGF group detected a phishing email that leveraged a telegram group link to evade security sensors and direct users into disclosing sensitive information. Thanks to Ruth’s quick action, our Cybersecurity team is even more aware of a new technique for propagating phishing links.

Ruth’s attentiveness and commitment to our IT procedures were instrumental in alerting our Cybersecurity team to this malicious campaign.

A huge thanks to Ruth and all our Cyber Heroes for their steadfast dedication to keeping our business secure!

Don’t

• Allow Open Membership for Sensitive Groups
  • For groups with confidential information, don’t allow members to join without approval. Vet new members to verify they are legitimate.
• Don’t Overlook File-Sharing Restrictions
  • Limit or restrict file-sharing in groups with high security needs. Files can contain malicious code or phishing links.
• Don’t Forget to Update Roles When Members Leave
  • If a member with administrative permissions leaves, remove their access immediately to prevent unauthorized control.