Hooloovoo, a Belgrade-based IT company with 150+ user accounts and a decade of successful collaboration with Swedish clients, wanted to make sure their Google Workspace was secure and ready for an upcoming ISO audit. They turned to Revolgy for expert help in identifying and fixing any potential gaps.
A 360-degree security audit
Our security audit evaluated 77 items across 11 critical areas of Hooloovoo’s Google Workspace environment, including accounts, Gmail, Drive, Google Chat, mobile devices, and third-party apps. Each item was assessed and prioritized based on the risk level, focusing on high-impact vulnerabilities. We identified risks that could leave the company vulnerable to data breaches, malware, or compliance issues, especially as they prepared for their ISO certification.
“Keeping things secure doesn’t have to be complicated. Our audit helped Hooloovoo understand what needed to be done and gave them clear recommendations to get ready for their ISO audit.” — Jan Z., Google Workspace Deployment Specialist at Revolgy
What we covered in our security audit
We started with administrator accounts, checking if they used two-factor authentication (2FA) and security keys, and if these were set up separately from everyday accounts to reduce risk. For regular user accounts, we reviewed password policies, whether 2FA was being used, and how email alerts were set up to catch suspicious activity.
Next, we looked at third-party apps to make sure they were verified and didn’t have unnecessary access to sensitive data. Calendar sharing settings were reviewed to keep external sharing secure, and Google Chat settings were checked to control file sharing and external participation.
We also examined Chrome browsers and devices to see if they were following security policies and staying up to date. For mobile devices, laptops, and other endpoints, we focused on encryption and management settings to ensure lost or stolen devices couldn’t be used to access company data.
For Google Drive, we reviewed sharing settings, data loss prevention rules, and how Drive for Desktop was being used, aiming to prevent accidental data leaks. Gmail security was checked for proper email authentication settings, spam filters, and attachment protections. Finally, we looked at Google Groups to ensure external members and group creation were managed securely, and Google Sites to control external sharing and reduce the risk of leaks.
On top of these specific areas, we shared best practices to help Hooloovoo stay ahead of potential threats. These included tips for phishing and malware protection, securing admin accounts, providing regular security training for employees, and scheduling routine audits to keep their Workspace secure in the long run.
“We were really happy with the value Revolgy brought to our team. Their insights and recommendations made a huge difference during our ISO 27001 certification, and the entire process was smooth and professional.” — Marko Vukadinovic, COO, Hooloovoo
A safer, scalable Workspace environment
With our expert guidance, Hooloovoo took a big step to improve their Google Workspace security. Revolgy’s focus on both technical and user-friendly solutions made it easy for them to implement changes without disrupting their daily operations. They’ve strengthened their defenses, streamlined user access, and built a foundation for continued growth and security.
Do you want to strengthen your Google Workspace security just like Hooloovoo did? Contact us today for a free consultation.
