Google Adds New Ways For IT Admins to Keep Enterprises Secure

Google announced today that it will provide new G Suite and Cloud Identity that would make it easier for IT administrators to protect their enterprises' data, ensure compliance, and manage devices.

The new automated security and privacy remediation actions built within the security center, intelligent G Suite access controls, and endpoint management will be turned on by default for G Suite and Cloud Identity to drastically reduce the admins' ongoing efforts to secure their computing environments.

"Some of these features will be turned on by default for G Suite and Cloud Identity so that we can reduce the burden on IT admins while ensuring that the right protections are in place for your organization," says Google. "And, even better, in most cases your users won’t have to do anything to benefit from these enhanced protections."

Wiz

New security center rules for security automation

Google's G Suite security center is designed to provide enrolled organizations with best practice recommendations and security analytics via a unified security dashboard that will allow administrators to detect and act on any privacy or security issues impacting their domain.

Starting today, they are also able to create automated rules that will automatically perform remediation actions or send notifications to the alert center, thus making it a lot easier for large teams to collaborate and automate threat management and boost tracking capabilities.

"This makes it possible for teams of admins and analysts to collaborate on security investigations instantly based on alerts, and makes it easier to assess and manage threats with automated actions and improved tracking—necessary steps to improve your organization’s security posture," Google adds.

This new G Suite security center capability will be available for all organizations with a G Suite Enterprise plan and it will roll out on a planned schedule over the next two weeks.

G Suite security center action automation

Basic device management toggled on by default

With over 85 million devices licensed via G Suite, Cloud Identity, and Chrome Enterprise being managed through Google's endpoint management solution, having it enabled by default translates into improved security management controls for admins.

This means that the users will not have to install a specially designed profile or agent for their device to be included in the enterprise's endpoint management tool, given that Google's solution is cross-platform and it comes with support for Mac, Windows, Chrome, and Linux devices.

"Particularly within G Suite & Cloud Identity, multiple devices per user can be managed at no additional cost. Now, basic device management is automatically enabled for your desktop devices that access G Suite," Google states.

Once basic device management is enabled for a domain, IT admins will be able to:

• See which devices access corporate data in a single dashboard
• Remotely sign out users from desktop devices should the device become lost or stolen
• Allow multiple user accounts to be managed on the same device, which will benefit employees who often share devices, like frontline workers

Upon release, these new basic device management features will be made available for all G Suite and Cloud Identity customers.

Basic endpoint management

G Suite with intelligent access controls

Google also made context-aware access controls available for all G Suite Enterprise customers enabling them to provide users with secure access based on zero trust security model and the company's BeyondCorp implementation.

Context-aware access makes it possible for admins to only allow access to a G Suite resource to users connected via a corporate device or IP address, to users part of high trust groups when connecting from outside a corporate network, or to users of encrypted devices with the screen lock feature enabled.

More information on how to use G Suite's context-aware access to boost an enterprise's security is available in the video embedded below.

Enabling context-aware access for a specific G Suite domain will allow customers to:

• Dynamically control access to G Suite apps based on a user’s identity and the context of their request, like device security status, IP address, etc.   
• Use granular controls for different organizational units (OU)  
• Control access to several G Suite apps by setting policies for the different access levels that have been set up 

Two weeks ago, Google also announced the beta release of Security Health Analytics, a solution designed to help Google Cloud Platform (GCP) admins take action after identifying compliance violations and security misconfigurations.

After Security Health Analytics is toggled on, it will automatically run scans twice each day, monitoring for vulnerabilities and misconfigurations in GCP across multiple domain resources.

Google provides an extensive list of reference guides and techniques for managing and remediating Security Health Analytics findings with Cloud Security Command Center.

tines

Break down IAM silos like Bitpanda, KnowBe4, and PathAI

Broken IAM isn't just an IT problem - the impact ripples across your whole business.

This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.

Related Articles:

Google will finally allow you to change your @gmail.com address

Amazon: Ongoing cryptomining campaign uses hacked AWS accounts

Zeroday Cloud hacking event awards $320,0000 for 11 zero days

Amazon disrupts Russian GRU hackers attacking edge network devices

Google is shutting down its dark web report feature in January