Tag Archives: Admin Console

New email alerts and location for easier alert center management

What’s changing

We’re making some improvements to the alert center for G Suite. Specifically we’re:

  • Moving the location of alert management for predefined admin alerts in the Admin console to the system defined rules section.
  • Adding optional email notifications for more alerts.


Who’s impacted

Admins only

Why you’d use it

We hope that this will help you identify and take action to resolve potential issues affecting your domain. To get the most out of the alert center, you could also sign up for our recently announced beta, which will help you collaborate and track the status of alerts within your domain, as well as triage faster with insights from related alerts.

How to get started




Additional details

Moving alert management location

  • The alert management controls for predefined alerts could previously be found at Admin console > Reporting > Alerts. They will now be at Admin console > Security > Alert center > Settings (gear icon)
  • These predefined admin alerts include: 
  • There will be no change to any settings (whether email alerts are on or off, or the email subscriber list for any alerts) or the content of the alerts. We’re just moving where you should go to manage them. There will also be no change to the location of custom alerts. For the moment, they will still be at Admin console > Reporting > Alerts



Email notification options for more alerts 

  • We’re adding an option to get email notifications for several existing alerts that previously didn’t have the option to receive emails. 
  • These alerts include: 
    • Domain data export initiated 
    • Phishing message detected post-delivery 
    • Spike in user-reported spam, and others 
  • For each alert, you can choose whether to turn them on or off, and to specify which email address the alerts should go to. 
  • The email alerts will be on by default. To change or turn off email alerts, they can be adjusted at Admin console > Security > Alert center (gear icon), or directly access the new System defined rules section


Helpful links 




Availability 

Rollout details 



G Suite editions 
Available to all G Suite editions.

On/off by default?
These features will be ON by default.


Stay up to date with G Suite launches

Get more done in less time with G Suite Add-ons beta

This announcement was made at Google Cloud Next ‘19 in San Francisco. Check out Next OnAir to tune into the livestream or watch session recordings following the event.


What’s changing

We’re announcing G Suite Add-ons, a new cross-suite platform that connects G Suite to your favorite workplace apps, in a beta program.


Last year we announced a new feature that gives users quick access to Calendar, Hangouts, and Keep from an embedded side panel in G Suite. Today we’re announcing that the side panel is now open for third-party developers.

Who’s impacted

Admins and end users

Why you’d use it

Add-ons help you complete tasks directly from the G Suite app you're using, rather than needing to toggle from one app to another.

G Suite Add-ons also surface relevant information and suggest actions based on what you’re working on. For example, a salesperson can find customer info from their CRM tool while drafting a strategy in Docs, an engineer can add tasks to their project management app directly from Gmail, and a recruiter can consult their hiring pipeline while scheduling interviews in Calendar. Once enrolled in the beta, users in the domain will have access to new add-ons from Copper, Box, Workfront, Asana, Evernote, and Cisco, among others.

How to get started


  • Admins: Express interest in the G Suite Add-ons beta. Once your organization joins the beta program, you can also install chosen G Suite Add-ons for your entire domain via the G Suite Marketplace.
  • End users: Once your organization is in the beta program, you’ll be able to install G Suite Add-ons from the “+” button in the G Suite quick access side panel.The G Suite Add-ons you install will appear in the side panel across G Suite apps and help you complete entire workflows without the need to switch back and forth between multiple apps.

Helpful links



Availability

G Suite editions

  • All G Suite editions are welcome to apply to this program.

Stay up to date with G Suite launches

Increase trust in cloud data security with Access Transparency

This announcement was made at Google Cloud Next ‘19 in San Francisco. Check out Next OnAir to tune into the livestream or watch session recordings following the event.


What’s changing 

We’re making Access Transparency for G Suite generally available. Access Transparency enables you to get more visibility into actions taken by Google staff related to your data. You can view the reason for each access, including references to specific support tickets where relevant, which may help you support your audit requirements.

Access Transparency is available to G Suite Enterprise and G Suite Enterprise for Education customers only.

Who’s impacted 

Admins only

Why you’d use it 

At G Suite, we work hard to earn and maintain trust with our customers. Access Transparency supports this commitment to customer trust by giving you fine grained logs of actions taken by Google staff and the reason for each access, including references to specific support tickets where relevant.

Access Transparency may help you:
  • Verify why Google is accessing your data, such as fixing a fault or attending to your requests. 
  • Bring your audit controls closer to what you can expect on premise. 


How to get started 




A Sample view of the new report for G Suite Access Transparency 

Additional details 

Access Transparency will allow admins to:

  • View the reason for data access, including references to specific support tickets where relevant. 
  • Verify why Google staff is accessing your data, such as fixing a fault or attending to your requests. 
  • View and download logs to help you support your regulatory audits or data archival needs, showing extensive information such as accessor location, access justification, and the action taken on a specific resource. 


Helpful links 




Availability 

Rollout details 

  • Rapid Release domains: Extended rollout (longer than 15 days for feature availability) starting on April 20, 2019. 
  • Scheduled Release domains: Extended rollout (longer than 15 days for feature availability) starting on April 20, 2019. 


G Suite editions 

  • Available to G Suite Enterprise and G Suite Enterprise for Education edition only. 
  • Not available to G Suite Basic, G Suite Business, G Suite for Education, and G Suite for Nonprofits 


On/off by default?

  • This feature will be ON by default.


Stay up to date with G Suite launches

Enhancing data regions by supporting more data types and products

This announcement was made at Google Cloud Next ‘19 in San Francisco. Check out Next OnAir to tune into the livestream or watch session recordings following the event.


What’s changing 

G Suite’s globally distributed cloud infrastructure reduces latency and protects data with geo redundancy. Therefore, most organizations choose not to geo-restrict their data. However, some organizations have preferences around where their data is stored at rest. To serve this need, last July, we introduced data regions allowing you to choose the regions where covered G Suite data at rest is stored - globally distributed, US or Europe. We’re now launching enhancements to data regions with two key updates:

  • Coverage for Backups: Backup data for covered Apps is now included. 
  • Coverage for additional products: Forms’ and new Sites’ covered data is now included. 


Who’s impacted 

Admins only

The expanded product and data coverage will not alter any previous settings you may have configured. Your existing settings will be applied to the additional apps and data types covered with this release. As with the prior release, there is no impact to your end users.

Why you’d use it 

Data regions has been built keeping in mind the requirements of a geographically dispersed organization. With data regions, you can create as many organizational unit-specific regions as you want with no minimum seat requirements. Your end users don’t have to deal with downtime and continue to enjoy full edit capabilities of all files, even during a data move. Additionally, when file ownership changes happen, or users switch OUs, covered data is moved dynamically according to your settings.

How to get started 




Additional details 

To ensure visibility into your data move progress, there will be a new ‘Backups’ tab in the data regions dashboard (Admin console > Dashboards). The tab shows a breakdown of the Backup data move progress for each of the covered products. See image below for an example of the new dashboard view.


Helpful links 




Availability 

Rollout details



G Suite editions 

  • Available to G Suite Business, G Suite Enterprise, G Suite Enterprise for Education and Drive Enterprise 
  • Not available to G Suite Basic, G Suite for Education, and G Suite for Nonprofits 


On/off by default?

  • For customers already using data regions, expanded product and data type coverage will automatically be supported according to the pre-established settings. 
  • For customers not using data regions, it will be OFF by default and can be enabled on the Company Profile page at individual OU levels.



Stay up to date with G Suite launches

Use an Android phone as a security key for 2-Step Verification

This announcement was made at Google Cloud Next ‘19 in San Francisco. Check out Next OnAir to tune into the livestream or watch session recordings following the event.



What’s changing

We’re adding an option to use your Android phone’s built-in security key for multi-factor authentication in G Suite. All phones running Android 7.0+ (Nougat) have a built-in key which can be activated. This means your users can use existing phones as a primary 2-Step Verification method to protect against phishing. Using a phone as a security key is currently offered in beta.

Who’s impacted 

Admins and end users

Why you’d use it 

2-Step Verification greatly improves the security of your account by adding another layer to your account security and making it more resistant to phishing attacks. By adding the additional option of using your Android phone’s built-in security key, we’re expanding access to phishing-resistant 2-Step Verification method in a convenient form - your phone. This can make it faster for you to implement 2-Step Verification in your organization while keeping user training and overall costs to a minimum. 

Previously, in order to protect your users against password phishing, the only option was to use a security key fob. With this beta, their mobile phone can be that security key.

How to get started 




Additional details 


  • Available to G Suite, Cloud Identity, GCP customers, and personal Google Accounts. 
  • Available on phones running Android 7.0+ (Nougat) with Google Play Services. 
  • Compatible with Bluetooth-enabled Chrome OS, macOS X, or Windows 10 devices with a Chrome browser. 



2-Step Verification on a Pixel 3 

Helpful links 




Availability 

Rollout details



G Suite editions 

  • Available to all G Suite editions in beta. 


On/off by default? 

  • If 2-Step Verification or Security Key Enforcement is turned on for an organization, Android phone will be available as an option for security keys by default.


Stay up to date with G Suite launches

Dynamically control G Suite access with context-aware access beta

This announcement was made at Google Cloud Next ‘19 in San Francisco. Check out Next OnAir to tune into the livestream or watch session recordings following the event.


What’s changing 

We’re launching a beta program that enables G Suite admins to dynamically control access to G Suite apps based on a user’s identity and the context of their request (device security status, IP address, etc.). Members of the beta will be able to:

  • Set up different access levels based on a user’s identity and context of the request., 
  • Use granular controls for different organizational units (OU) 
  • Control access to several G Suite apps by setting different policies for the different access level profiles that have been set up 

Who’s impacted 

Admins only

Why you’d use it 

Currently G Suite admins can turn access to apps and services on or off for specific OUs or groups of users. This beta will provide more dynamic controls, so you can take into account contextual signals, such as device security status or IP address, to control access to those apps and services. Examples of access controls that can be set up through the context-aware access beta include:

  • Only users from corporate-owned device and a corporate IP address can access Google Drive. 
  • Only a “High Trust” group can access Google Drive when not on a corporate IP address. 
  • Only users from an encrypted device with a screen lock enabled can access Gmail. 

How to get started 


  • Admins: This is an opt-in beta. Admins can opt-in by changing their security settings Admin console> Security> Context-Aware Access
  • End users: No action needed


Additional details 

In the beta, context-aware access will only be configurable for Gmail, Calendar, Drive, Docs, Sheets, Slides, Forms, Sites, and Keep. You’ll be able to use the following contextual signals to control access:

  • IP Subnet (specific IPv4 or IPv6 address) 
  • Device policies as reported through the Endpoint Verification extension, including whether a device password is active, device encryption status, minimum OS versions, and company-owned devices. 

You can apply policies by OU or to the whole domain, and all admin activity is logged in audit logs in the Admin console > Reports > Admin view.

Availability 

G Suite editions 

  • Available to G Suite Enterprise, G Suite Enterprise for Education, and Cloud Identity Premium 
  • Not available to G Suite Basic, G Suite Business, G Suite for Education, G Suite for Nonprofits, and Cloud Identity Free.


Stay up to date with G Suite launches

Better manage threats and collaborate in new security center beta

This announcement was made at Google Cloud Next ‘19 in San Francisco. Check out Next OnAir to tune into the livestream or watch session recordings following the event.


What’s changing 

We’re launching a beta program to make it easier to assess your organization’s exposure to security issues and collaborate with colleagues to remediate them. The beta will add features to the G Suite security center which help you:

  • Save and share investigations in the security investigation tool 
  • Create rules within the security center to perform automated actions 

Find out more and sign up for the new security center beta here.

This beta will also allow you to send notifications to the alert center, where teams of admins and analysts can work together to take ownership of alerts and update status as they work through security investigations. For more information on the latest updates to the alert center, see this announcement.

Who’s impacted 

Admins only


Why you’d use it 

The G Suite security center already helps you protect your organization with security analytics and best practice recommendations from Google. It provides a unified security dashboard, a tool to investigate and remediate threats, and more. These features in the beta will make it easier to assess and manage threats by adding automated actions, improved tracking, and more to help your whole team understand and improve your security posture.


How to get started 

Additional details 

Save and share investigations 
We want to make sure admins are able to work together and collaborate to assess their organization’s exposure to security issues. With this beta launch, admins can now save their investigations in the security investigation tool and share them with other admins to improve collaboration.

Create rules and set up automated actions and alerts 
Admins can also create automated rules to perform remediative actions or send notifications to the alert center, where teams of admins and analysts can work together to take ownership of alerts and update status as they work through security investigations.

Helpful links 

Availability 

G Suite editions 
Available to G Suite Enterprise, G Suite Enterprise for Education, and Cloud Identity Premium.
Not available to G Suite Basic, G Suite Business, G Suite for Education, and G Suite for Nonprofits.

On/off by default? 
This will be OFF by default and only available to domains that sign up for the beta.


Stay up to date with G Suite launches

New alert management and collaboration features in the alert center beta

This announcement was made at Google Cloud Next ‘19 in San Francisco. Check out Next OnAir to tune into the livestream or watch session recordings following the event.


What’s changing 


We’re launching a beta for the alert center for G Suite which will enhance the existing alert center and make it easier for admins to manage and collaborate on alerts. Specifically, the beta will mean you’ll be able to:

  • Set status, assignee, and severity of alerts: Add key information to help your team take ownership of, assess, and collaborate as you work through security investigations. 
  • Use a more powerful search: Find alerts more easily by searching for alerts that contain a specific email address. 
  • See related alerts: The alert detail view will show other alerts related to the same actor or user to help discover possible related security incidents. \
  • See alert change history: See the history of metadata or content updates to that alert. This includes when status, assignee, or severities have changed. 

Find out more and sign up for the alert center beta here.

Who’s impacted 

Admins only

Why you’d use it 

The alert center already provides a single place to see notifications about potential issues within your domain, and take action to resolve the issues. We hope the enhancements in this beta will improve collaboration between admins and related teams with status, severity, and assignee information now available. We also hope it will make it easier to find patterns within alerts by adding more specific search capabilities and surfacing related alerts proactively.

How to get started 



Helpful links 




Availability 

G Suite editions 
Available to all G Suite editions.

Beta sign up 
Find out more and sign up for the alert center beta here.

Stay up to date with G Suite launches

See OS version for devices with basic mobile management

What’s changing 

Admins will be able to see the operating system (OS) version for devices with basic mobile management. Previously, this information was only available for devices with advanced mobile management.

Who’s impacted 

Admins only

Why you’d use it 

OS version is an important piece of information for assessing device security. This is because devices with older OS versions may not receive all security patches and can be more prone to threats. With visibility into the OS versions used by more devices in your organization, you can better understand potential security vulnerabilities and take actions to make sure devices with access to corporate data are using OS versions you see as appropriate.

How to get started 

  • Admins: To see OS version for basic devices, go to Admin console > Device Management > Devices
  • End users: No action needed. 


Additional details 

Admins will be able to see OS information in several places:

  1. On the devices list page (Admin console > Device Management > Devices) in the OS column. Previously this would have been blank for basic devices. On this page, admins will be able to filter devices with a specific OS to find devices with specific vulnerabilities or see what impact an OS update policy may have. 
  2. In the device detail page for each device. 
  3. In the audit logs at Admin console > Reports > Devices. Note that this is only available to G Suite Business, G Suite Enterprise, and G Suite Enterprise for Education domains. 


See and filter by OS version in the devices list view 

Helpful links 

Help Center: Set up basic mobile device management 

Availability 

Rollout details 

  • Rapid Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on April 4, 2019. 
  • Scheduled Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on April 4, 2019. 

G Suite editions 
Available to all G Suite editions.

On/off by default? 
This feature will be ON by default.

Stay up to date with G Suite launches

Transition your organization to use only Hangouts Meet for video calls

What’s changing

As part of the migration from classic Hangouts to Hangouts Meet that we announced last year, G Suite admins can now turn off classic Hangouts video calling for your organization. This means that all video calls in your organization will use Meet and any classic Hangouts video calls saved in Google Calendar will be removed.

Who’s impacted

Admins and end users

Why you’d use it

Enabling this setting expedites the transition of your organization to Hangouts Meet.

If you take no action, Calendar migration can continue to run and we'll automatically transition your organization to be Meet-only on our recommended schedule.

How to get started


  • Admins: Admins can turn off classic Hangouts video calling in the Admin console by:
    • Navigating to Apps > G Suite > Google Hangouts
    • Click Global settings
    • Next to Hangouts Meet, check All Meetings use Meet
    • Click Save
  • End users: No action required. If your admin decides to enable this setting, classic Hangout video calls will no longer be joinable. Please note, if you’d like to add Hangouts Meet video calls to replace removed classic Hangouts video calls, you must manually add one back into the Calendar event.

Additional details

When this option is turned on:

  • All video calls scheduled in Calendar will use Meet. This does not impact events scheduled by someone outside of your organization.
  • Any classic Hangouts video call URLs scheduled in Calendar will be hidden.
  • Classic Hangouts video calls scheduled within your organization will no longer be joinable and users will see an error message. Classic Hangouts video calls scheduled by someone outside of your organization will still be joinable.
  • You can use a custom meeting name to start an ad-hoc Meet call. Simply agree on a meeting name with all of the meeting participants and type it into the “Enter meeting code” field in Meet. Note that all participants must be in the same domain to use the name.

Please note, this change does not impact video calling from Hangouts Chat or classic Hangouts chat. This will continue to behave the same. Additionally, this change will not impact domains who do not have Meet turned on.

Admins should only enable this option if your organization is primarily on Meet with limited to no classic Hangout video calls scheduled in Calendar. You can check the usage stats for scheduled Calendar events using classic Hangouts video calling by using the Hangouts Meet audit log. To do so, query the number of calls containing a “Calendar Event Id” with “Product type” equal to classic Hangouts.

Finally, this setting is reversible. Unselecting this in the Admin console means that classic Hangouts video calls will again be shown in Calendar.


Helpful links

Help Center: Migration FAQs

Availability

Rollout details
Rapid Release domains and Scheduled Release domains: Admin console setting is currently available.

G Suite editions
Available to all G Suite editions

On/off by default?
This setting will be OFF by default for existing customers and ON by default for new customers

Stay up to date with G Suite launches