Digital Game Wardens: Securing Google Workspace | Scinary Webinar

Is your Google Workspace doing everything it can to stop phishing attacks before they cause serious damage? In this webinar, John and Brazos walk through practical, actionable controls inside the Google Admin Console to help reduce the impact of phishing, using built in tools. From Business Email Compromise (BEC) to Adversary-in-the-Middle (AiTM) attacks, we break down how modern phishing campaigns actually work and how attackers are bypassing traditional MFA, then show you exactly where to go in the console to fight back. This is built for IT administrators in K-12 and higher education, but the guidance applies broadly to any Google Workspace environment. In this webinar, we cover: BEC and AiTM Attacks Explained: How attackers steal session tokens to bypass MFA entirely - and why your users don't even know it's happening. Two-Step Verification Enforcement: Why allowing MFA isn't enough - and which MFA methods you should stop using immediately (hint: ditch SMS). Passkeys and Hardware Keys: Why phishing-resistant authentication is the new standard and how to roll it out starting with your highest-risk accounts. Password Policy Modernization: Why NIST has moved away from complexity requirements toward longer passphrases - and how to configure this in Google. Session Duration Controls: Why "never expire" is never the right answer for Google session tokens. Third-Party App Access: How attackers maintain persistence inside compromised accounts - and how to lock this down with app access controls. Gmail Safety Settings: Spam, phishing, and malware filters that are shockingly often left disabled or misconfigured. Legacy Auth (POP/IMAP): How older email protocols can let attackers completely bypass modern authentication controls. SPF, DKIM, and DMARC: Why your DMARC policy being set to "none" means it is doing absolutely nothing. Restricted Delivery for Students: Why limiting external email access for younger students is one of the easiest wins available. Google Drive Sharing Controls: How to use OUs and groups to restrict external file sharing and reduce data exposure. Google Takeout: The often-overlooked export feature that could let anyone walk out the door with sensitive organizational data. Super Admin Audits: Why limiting and regularly auditing your Super Admin accounts could prevent a full tenant compromise - or worse, deletion. Whether you have inherited a Google Workspace environment or you have been managing one for years, there is a good chance at least a few of these settings are not where they should be. This webinar is your checklist. --- Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber   / scinarycyber   #Phishing #Cybersecurity #ITAdmin #InfoSec #Webinar