Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Google Workspace Now Warns Admins of Sensitive Changes

Google this week announced that new warnings added in the Google Workspace Alert Center will keep administrators notified of critical and sensitive configuration changes.

Google this week announced that new warnings added in the Google Workspace Alert Center will keep administrators notified of critical and sensitive configuration changes.

Previously known as G Suite, Google Workspace provides secure collaboration and productivity tools for enterprises of all sizes. Accessible from anywhere in Google Workspace, the Alert Center delivers real-time security alerts and insights, to help admins mitigate threats such as phishing and malware.

With the new alerts in place, admins will also receive notifications whenever select changes are made to their Google Workspace configurations.

Specifically, warnings will be displayed when the primary admin is changed, when the password for a super admin account has been reset, and when changes are made to SSO profiles – when a third-party SSO profile has been added, updated, or deleted for the organization.

“These additional intelligent alerts will closely monitor several sensitive actions, making it easier for admins to stay on top of high-risk changes to their environment and potentially malicious actions being taken by bad actors,” Google explains.

An email notification containing key details on the event will be delivered to admins and super admins for each alert. The security investigation tool will allow admins to further investigate the reported incident.

The alerts and their associated email notifications are enabled by default and cannot be turned off.

The new capability is rolling out to all Google Workspace customers, including legacy G Suite Basic and Business customers, and is expected to become visible for everyone in the next couple of weeks.

Advertisement. Scroll to continue reading.

Earlier this year, Google boosted malware and phishing protections in Workspace with updated comment notifications that now also include the commenter’s email address, so that users can better assess the legitimacy of the message.

Related: Google Workspace Gets Client-Side Encryption

Related: Google Rolling Out Security Update for Google Drive

Related: Google Workspace Gets New Security Features

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...