• News
  • Columns
  • Interviews
  • BW Communities
  • Events
  • BW TV
  • Subscribe to Print
  • Editorial Calendar 19-20
BW Businessworld

3 Ways To Build A Gmail Security Conscious Culture At Your Workplace

Here are three effective ways to build a security-conscious culture at your workplace

Photo Credit :


Gmail holds a huge volume of your information, a lot more than you’d think. Financial statements, passwords, trade secrets — everything is on Gmail in some way or the other.

At the same time, hacking and security breaches are common — again, a lot more common than you’d like. Even giants like Deloitte are not safe from these threats. Not very long ago, email accounts of almost 350 clients, including some of the biggest multinationals, four US government departments, and the United Nations were all compromised. 

Don’t end up in a situation like Deloitte’s. Pay attention to security before something goes down. 

Build a security-conscious culture

Expecting teams to be accountable without awareness won’t do much for your Gmail security. You have to first educate members to make the right decisions: whom to give email access permissions, which links to click and which ones to not, using the right device, so on and so forth. 

That's why you need to build a culture of cybersecurity awareness so members understand how to correctly protect their Gmail.

Here are three effective ways to build a security-conscious culture at your workplace:

1. Create information security program

Workplaces should build an information security program. Don’t let the jargon scare you off. It’s just a document detailing the entire approach of how to address security in your work environment.

It’s a manual which will guide team members on:

  • The do’s and don’ts of data security
  • What data should they be seeing at
  • Identifying unauthorized email activities
  • Reporting phishing emails - an emergency notification system to help members communicate threats as soon as they are detected

Essentially, it standardizes Gmail security practices across the length and breadth of the organization.

2. Make 2-factor authentication mandatory

Google claims it to be its most sophisticated security feature, yet the number of users that have enabled 2-factor authentication (2FA) are miniscule.

A 2-factor authentication adds an extra layer to your Gmail security. Traditionally, you only need a password to access someone’s mail. With 2FA, you need a password and a code which will be sent to your phone. Basically, if the baddies have your password, they still can’t access your emails.

This additional security keeps your Gmail immune to phishing scams. Cybercriminals may get hold of credentials of any of the team members and use it to send emails to everyone on the contact list. These emails contain links, clicking on which will spread malware from your Gmail to Google Drive. You can now bid adieuto all the files stored on the company drive!

3. Have regular security workshops

Educating about Gmail security is of no use if it’s not put into application. It requires more than a pep talk to motivate teams to follow up on Gmail security best practices. 

Security workshops can include new updates on latest Gmail security features, policies, and general code of conduct. But, let’s be honest. ‘Security workshops’ doesn’t sound like much fun and members fail to register much of anything at these workshops. Half-baked knowledge or the lack of it can potentially put your Gmail security at risk.

Pushing members to take a keen interest in strengthening Gmail security requires an element of fun. The chances of getting genuine participation from members are higher when there are more smiles than eye rolls.

Here are a few ways to ensure genuine participation from teams:

  • Gamification- Use game elements like rewards and competitions to engage users and solve real world problems, while motivating teams to be vigilant in identifying and communicating threats. Every ‘right’ action will fetch members points, taking them a level closer to the coveted reward. 
  • Virtual simulations- Offer interactive ways to learn about Gmail security. They offer greater engagement levels as opposed to a boring powerpoint presentation.

In the battle of strengthening Gmail security, hackers are getting the best of you. They have the luxury to try as many times and in as many ways, and they need to be successful only once. On the other hand, you have to identify and stop every attempt.

Finding the right balance is what makes the battle for Gmail security a tough one to crack. To keep a strong front against a high volume of coordinated cyber attacks, regularly update your Gmail security knowledge, policies, and tactics. At the same time, ensure none of these disrupt team collaboration at the workplace. It’s a tightrope to walk, but achievable and most necessary.

Disclaimer: The views expressed in the article above are those of the authors' and do not necessarily represent or reflect the views of this publishing house. Unless otherwise noted, the author is writing in his/her personal capacity. They are not intended and should not be thought to represent official ideas, attitudes, or policies of any agency or institution.

Tags assigned to this article:
gmail workplace

Niraj Ranjan Rout

The author is Co-founder & CEO of Hiver. An alumnus of IIT Kharagpur, Niraj completed his B. Tech in Electronics and Communications and went on to work with the Electronic Design Automation firm Mentor Graphics for five years. He took his first entrepreneurial plunge along with Nitesh Nandy when they started Mobicules, an app and web development company

More From The Author >>