Google Workspace Adds Stronger Protections to Sensitive Accounts
Google has released a new update that should help to prevent unauthorized changes to Workspace user accounts. This security feature brings identity verification prompts to protect high-risk customers from malicious attacks in enterprise environments.
With this release, Google Workspace has introduced a new “Verify it’s You” prompt to block suspicious account activities. Users will need to provide an additional verification method (such as multi-factor authentication (MFA)) to perform sensitive actions. These include changing the account name or password, exporting account data, disabling two-step verification, and more.
Google highlights that this release aims to provide additional protection to high-profile user accounts that are frequently targeted by criminals. The feature prevents attackers from making any changes that would negatively impact the account owner or the organization.
“This added layer of security helps to intercept bad actors who have gained access to a user’s account, further protecting their data and your organization’s sensitive information. Additionally, these challenge attempts will be logged as an audit event allowing for further admin investigation,” Google explained in a blog post.
IT admins can disable login challenges for Google Workspace users
According to Google, IT admins can temporarily turn off login challenges, and other security prompts for users stuck behind login prompts. To do this, admins will need to navigate to the Admin console under Users >> “UserName” >> Security.
Keep in mind that it will remove all security protections on the user’s account, and Google recommends that administrators should use a video call to confirm their identity. You can check out this support document for more details.
Google notes that the new security update is rolling out to all Google Workspace, legacy G Suite Basic, and Business customers. However, this feature can only block unauthorized actions within Google products, and it doesn’t support SAML users at the moment.
More in Security
Petri Dish: Cybersecurity vs IT Security with Devolutions
Sep 28, 2022 | Russell Smith
Stop MFA Fatigue with Additional Context and Number Matching for Microsoft Authenticator
Sep 22, 2022 | Rabia Noureen
Researchers Warn About New Shikitega Malware Targeting Linux Endpoints and IoT Devices
Sep 12, 2022 | Rabia Noureen
LastPass Confirms Internal Source Code Compromised in Security Breach
Aug 26, 2022 | Rabia Noureen
Avast Gets New Ransomware Shield to Protect Small Businesses
Aug 24, 2022 | Rabia Noureen
Mandiant Warns Hackers Now Use New Trick to Bypass MFA
Aug 22, 2022 | Rabia Noureen
Most popular on petri