Security is one of the biggest concerns for business owners when deciding whether to use an online service like Google Apps.

So what are the best ways to protect yourself when using it?

Amit Agarwal is a professional blogger and technology columnist. He writes digital inspiration, a world-class technology blog. But Amit got hacked this week. He wrote about it on his blog, providing some excellent advice on how to protect yourself from a similar kind of attack.

Amit wrote that he often receives false requests to change his password. He received a similar message this week, but ignored it. A few minutes later he started getting error messages. He could not get to his accounts.

Amit had been hacked. He thinks that a hacker accessed a backup email that he had set up for his accounts.

Amit had his service restored in about three hours, after some calls to Google. He felt obviously relieved, but also had that feeling of emptiness when you suddenly realize you have no control over your accounts.

To help others avoid this kind of calamity, Amit summarized in five points how to make sure something like this does not happen to you:

1. Log-in to your Gmail / Google Account and associate it with a phone number: It’s a simple set up. You will get confirmation via SMS. If you do get attacked, a notification will go to you that someone is trying to get to your password.

2. Create a new email address: Set up the email to act as a backup and as a secondary email for your Google Apps account. Good advice by Amit: do not auto-forward your email as the whole purpose of setting it up will be defeated.

3. Write it Down: Get out that old-fashioned pen and paper. Write down the following information so you can verify your identity just in case you do get hacked and your secondary email gets compromised, too.

From Amit:

  • The month and year when your created your Gmail / Google Account.
  • If you created a Gmail account by invitation, write the email address of the person who first sent you that invite for Gmail.
  • The email addresses of your most frequently emailed contacts (the top 5).
  • The names of any custom labels that you may have created in your Gmail account.
  • The day/month/year when you started using various other Google services (like AdSense, Orkut, Blogger, etc.) that are associated with the Google account that you are trying to recover. If you’re not certain about some of the dates, provide your closest estimate.

4. Run a Test!

Log-out of all your Gmail / Google Accounts. Start the password recovery process. This guarantees that what you set up actually works. You want to be absolutely certain your SMS settings and secondary email addresses are configured correctly.

5. Check your IP Address: From time to time check out the IP address in the footer of your Gmail Inbox. If you see an odd one, change your Google password immediately. Knowing IP addresses may seem too technical to some but it’s good information to know.

You should not have to be overly concerned about Google Apps security. If people take these kinds of basic steps, the chances of getting hacked decrease considerably.