As many in the industry are now aware, Okta experienced a form of security breach back in January which the wider industry was unaware of until screenshots obtained by the LAPSUS$ group were posted on Twitter on March 21st, at 10:15pm CDT.
I tweeted this the other day, and had a lot of folks reach out asking for more details/a diagram of this setup.
Shortly after publishing Part 1 of my G Suite DFIR blog series, I gave a talk on the topic at BSides SATX. The talk had a super engaged audience, and based on a few of the questions I received, it became very clear that I needed to take a step back and first tell people how to secure their environment. This post aims to provide readers with a good baseline for a secure G Suite configuration and some recommendations related to preparing for a worst-case scenario.