Google Workspace security whitepaper

With multiple security and privacy controls in place, organizations need a centralized location where they can prevent, detect, and remediate threats. The Google Workspace security center⁹ provides advanced security information and analytics, and added visibility and control into security issues affecting your domain.¹⁰ It brings together security analytics, actionable insights and best practice recommendations from Google to empower you to protect your organization, data and users.

As an administrator, you can use the security dashboard to see an overview of different security center reports. The security health page provides visibility into your Admin console settings to help you better understand and manage security risks. Furthermore, you can use the security investigation tool to identify, triage, and take action on security and privacy issues in your domain. Administrators can automate actions in the investigation tool by creating activity rules to detect and remediate such issues more quickly and efficiently. For example, you can set up a rule to send email notifications to certain administrators if Drive documents are shared outside the company.

The alert center for Google Workspace provides all Google Workspace customers with alerts and actionable security insights about activity in your domain to help protect your organization from the latest security threats, including phishing, malware, suspicious account, and suspicious device activity. You can also use the alert center API to export alerts into your existing ticketing or SIEM platforms.

Google Meet takes advantage of the same secure-by-design infrastructure, built-in protection, and global network that Google uses to secure your information and safeguard your privacy. Our array of default-on anti-abuse measures that include anti-hijacking measures for both web meetings and telephony dial-ins, keep your meetings safe.

For users on Chrome, Firefox, Safari and new Edge we don't require or ask for any plugins or software to be installed, Meet works entirely in the browser. This limits the attack surface for Meet and the need to push out frequent security patches on end-user machines. On mobile, we recommend that you install the Google Meet app from Apple App Store or the Google Play Store.

We support multiple 2 Step Verification (2SV) options for Meet that are both secure and convenient - hardware and phone-based security keys, as well as Google prompt. Meet users can enroll their account in Google’s Advanced Protection Program (APP). APP provides our strongest protections available against phishing and account hijacking and is specifically designed for the highest-risk accounts, and we’ve yet to see people successfully phished if they participate in APP, even if they are repeatedly targeted. For more information, check out this page.

The protection of information on mobile and desktop devices can be a key concern for customers. Google Workspace customers can use endpoint management¹¹ to help protect corporate data on users’ personal devices and on an organization’s company-owned devices. By enrolling the devices for management, users get secure access to Google Workspace services and organizations can set policies to keep devices and data safe through device encryption and screen lock or password enforcement. Furthermore, if a device is lost or stolen, corporate accounts can be remotely wiped from mobile devices and users can be remotely signed out from desktop devices. IT admins can also manage and configure Windows 10 devices through the Admin console, and users can use existing Google Workspace account credentials to login to Windows 10 devices and access apps and services with single sign-on (SSO). Reports enable customers to monitor policy compliance and get information about users and devices. You can obtain further information on endpoint management here.

Enterprises storing data in the Cloud seek visibility into data access and account activity. Google Workspace audit logs help security teams maintain audit trails in Google Workspace and view detailed information about Admin activity, data access, and system events. Google Workspace admins can use the Admin Console to access these logs and can customize and export logs as required.

Google Workspace administrators have access to security reports that provide vital information on their organization’s exposure to data compromise. They can quickly discover which particular users pose security risks by not taking advantage of 2-step verification, installing external apps, or sharing documents indiscriminately. Administrators can also choose to receive alerts when suspicious login activity occurs, indicating a possible security threat.

Google Workspace admins can export audit logs and other information to BigQuery. With BigQuery, Google’s enterprise data warehouse for large-scale data analytics, customers can analyze Google Workspace logs using sophisticated, high-performing custom queries, and leverage third-party tools for deeper analysis.