G Suite will be familiar web software to many business owners. The suite of online web applications includes products like the popular Gmail platform, as well as useful alternatives to Microsoft Word and Microsoft Excel, Google Docs and Google Sheets, respectively. There’s also Drive for online cloud backup storage, and other programs, too. For personal users who produce a lot of spreadsheets and documents, or for small businesses looking to avoid costly licensed software, the platform can be invaluable.
But Google has itself revealed that a security breach was discovered on the platform recently, which saw plain text passwords stored on their servers for an incredible 14 years. As a result, the company has begun issuing forced password resets to “a subset of our enterprise G Suite customers”. These users have been advised to immediately change their passwords owing to a problem that left their credentials exposed for over a decade.
Google posted about the issue on their own Google Cloud blog on May 21st, highlighting how a platform error that happened in 2005 resulted in a copy of real user passwords being stored in plain text, as opposed to the normal process of storing a “hashed” (scrambled) version. In theory, this could’ve allowed a third-party to intercept and maliciously use the credentials to gain access to accounts. However, the company explained how they had seen no evidence of unauthorised access, as well as highlighting how the passwords were still located on a “secure encrypted infrastructure”, meaning that the likelihood of malicious activity was still low.
According to Google, the issue was attributable to a historic software feature that was part of G Suite at the time, but was no longer there. In 2005, G Suite administrators were allowed to set and recover passwords for their own enterprise users, meaning that they needed access to “unscrambled” passwords. However, this feature no longer exists, meaning that the cause of this security issue couldn’t happen again.
Incidentally, Google has also highlighted another issue that was discovered as part of the investigation, this one occurring more recently in January of this year. It resulted in unhashed passwords being retained for up to a fortnight. But like the first issue, the company has now fixed the problem and issued an apology. Similarly, they’ve also highlighted that no unauthorised account access has been discovered.
The benefits of G Suite
Whether you’re a business owner or just a personal user, G Suite can be immensely beneficial to you.
One of the biggest costs for small business owners is in buying licenses for paid-for software packages. If you’ve a large workforce, then every license to use Microsoft’s suite of software applications will cost you. The same can be said for other more specialist pieces of software that might be required for specialist roles, like accountancy, account management, and so on.
Though you can’t always find free replacements for such software applications, you can offset the cost of basic business applications like a word processor and spreadsheet tool by using G Suite instead.
If you’re not a business owner, you might still find use out of G Suite. For the kids’ homework assignments, Google Docs is good enough, even if it does lack some of the bells and whistles of Microsoft Word. But crucially, it won’t cost you a thing. And then there’s Google Drive, a free online backup for your files and photos that isn’t exposed to the same risks as a physical hard drive.
In the grand scheme of things, this security issues is a pretty negligible problem and the pros of G Suite far outweigh the cons. If you’d like to know more about this software or web apps in general, get in touch with WiseGuys on 0808 123 2820.
Recent Comments