• +662 030 0066
  • support@dmit.co.th
  • Mon - Fri: 8:30 - 17:30
Facebook-f Youtube Linkedin
Facebook-f Youtube Linkedin
  • +662 030 0066
  • support@dmit.co.th
  • Mon - Fri: 8:30 - 17:30

IT Security Guideline for SMBs Using Google Workspace (Under 100 Users)

IT Security Guideline for SMBs Using Google Workspace (Under 100 Users)

For SMBs in Thailand, Google Workspace is one of the most well-known solutions for businesses, powering email, collaboration, and cloud storage in daily operations.

As your business expands, security risks increase. Even if your organization has fewer than 100 users, you can still achieve enterprise-level security with the right setup and discipline.

How can businesses improve IT security in the organization?

1. Strengthen Identity and Access Management

  • Enable 2-Step Verification (MFA) for all accounts.
  • Turn off Less Secure App Access in the Admin console.
  • Assign roles properly and clearly ā€“ Admin rights only for IT or management.
  • Always check Security Reports in the Admin console for suspicious logins or failed attempts.
  • Disable or suspend unused accounts immediately.

2. Protect Endpoints and Devices

  • Require all company devices to sign in with Google Workspace accounts and manage through Device Management.
  • Enforce screen locks, encryption, and automatic OS updates.
  • Use Basic Mobile Management to remove lost devices.

3. Secure Data and File Sharing

  • Use default sharing as ā€œRestrictedā€ for internal use only.
  • Enable Data Loss Prevention (DLP) in Drive and Gmail.
  • Use Google Vault for backup, archiving, and compliance.
  • Often review files shared externally (via ā€œShared with meā€ in Drive).

4. Strengthen Email and Communication Security

  • Enable Advanced phishing & malware protection in Gmail.
  • Set up DMARC, DKIM, and SPF records for your domain.
  • Regularly train users to be aware of phishing attempts.

5. Backup and Business Continuity

  • Implement 3-2-1 Backup rule:
    • 3 copies of data
    • 2 different storage types
    • 1 offsite or third-party backup (e.g., SpinBackup, Acronis).
  • Monthly restore tests.
  • Keep important files in an offline, encrypted vault.

6. Build a Security Culture

  • Provide Google Workspace Training about usage and security for all employees.
  • Regularly share cybersecurity insights and best practices.
  • Encourage quick and easy reporting of suspicious activity.

Summary

Security Area

Recommended Setup

Login & Access

MFA + Role-based Access

Devices

Device Management

Data

DLP + Restricted Sharing

Email

SPF, DKIM, DMARC + Anti-phishing

Backup

3-2-1 Rule + Vault

Training

Awareness + Clear Policy

Security in Google Workspace goes beyond the basics. It is about protecting your business data during every taskā€”from email and external sharing to system management. Implementing these measures is the critical step toward a secure, efficient, and confident workflow.

Demeter ICT is Google Cloud Premier Partner in Thailand & Asia Pacific. We specialize in full-service solutions, covering setup, migration, security policies, and training.

For inquiries regarding Google Workspace, please contact us below.

+66 2 030 0066
support@dmit.co.th

43 Thai CC Tower, 7Fl., Room 074, South Sathorn Rd., Yannawa Sathorn, Bangkok 10120

About Us

Career

Privacy Policy

Follow Us

Youtube
Linkedin-in
Copyright Ā© 2025 DEMETER ICT | Powered by DEMETER ICT