Tag Archives: Admin Console

Whitelist trusted apps for your domain to ensure apps work properly

What’s changing 

To give end users more granular control over what account data they choose to share with each app, we’re changing how users give apps permissions to access their information. See our Google Developers blog post for more details on what’s changing. These changes may impact how well an app functions should a user choose not to provide certain permissions.

As a result, we recommend that G Suite admins whitelist apps they trust and want their users to be able to use.

Who’s impacted 

Admins only

Why you’d whitelist apps 


Whitelisting an app means admins assign permissions at the domain level, and that end users don’t have to make choices on permissions for those apps. By whitelisting apps admins can ensure apps have the permissions they need to work properly.

How to get started 

Helpful links 


Help Center: Whitelisting connected apps 

Availability 


Rollout details 
Different apps will implement updated app permission controls at various times over the next several months. Some apps will make this change immediately, but the most commonly used apps will implement them after April 2019. To minimize disruption, we recommend admins whitelist trusted apps before April.
G Suite editions 
Available to all G Suite editions.
On/off by default? 
Whitelisting apps is OFF by default. Apps can be enabled at the domain level.
Stay up to date with G Suite launches

Easily enter building locations into the Admin console

What’s changing

You can now input addresses, instead of latitude and longitude coordinates, to enter the locations of your office buildings in the Admin console. This is a more efficient and reliable ways for you, as a G Suite admin, to manage international office locations.

Who’s impacted

Admins only

Why you’d use it

Adding address information immediately unlocks automatic correction of room and resource time zones based on building address. This ensures that you have correct data in the room insights dashboard. Additionally, with this change we’ll now automatically set the correct time zones for all resources in these buildings, and help ensure you see accurate usage by time of day in the room insights dashboard.

In the future, this information will also power other intelligent features such as:
  • Automatic time zone adjustment when you’re working from other buildings
  • Accurate directions from Calendar
  • Room suggestions in nearby buildings

How to get started


Admins: There are three ways to input this information:
  1. Directly from the Admin console user interface: In the Admin console under Manage Resources > Manage Buildings, you can enter addresses directly and be shown a Google map to confirm their location. This is recommended for entering a small number of buildings at a time. 
  2. Bulk upload via CSV file: This is also in the Admin console under Manage Resources > Manage Buildings. The bulk upload spreadsheet supports a general address format, so you can verify your locations in many countries and regions. 
  3. Upload via the Building Resources API
End users: No end user impact.



    Additional details

    Check out the Help Center for complete instructions on adding locations for all three of these methods and read the documentation on how to add building addresses via the API.

    Helpful links

    Help Center: Set up buildings, features, and other resources

    Availability

    Rollout details

    • Rapid Release domains: Full rollout (1-3 days for feature visibility) starting on February 6, 2019
    • Scheduled Release domains: Full rollout (1-3 days for feature visibility) starting on February 6, 2019
    G Suite editions
    Available to all G Suite editions
    On/off by default?
    This feature will be ON by default

    Stay up to date with G Suite launches

    Manage and distribute Android apps when using basic mobile management

    What’s changing 

    You can now manage Android apps for your users when using basic mobile management. Previously, you could only do this if you used advanced mobile management.

    Who’s impacted 

    Admins only

    Why you’d use it 

    With basic mobile management you can now:
    • Organize apps in the managed Google Play store 
    • Automatically install apps on users' devices 
    • Create web apps 
    • Create private apps 

    See below for more info.

    How to get started 

    • Admins: Go to Admin console > Device management > App Management > Manage apps for Android devices, to start to whitelist and manage Android apps
    • End users: No action needed. Users in basic mobile management domains will now see a “Work apps” section in the managed Google Play store. The section contains the default G Suite apps and other apps that are whitelisted from the Admin console

    Additional details 


    Organize apps in the managed Google Play store: 
    To help your users find the apps they need, you can organize apps into collections. These collections appear on devices in the “Work apps” section in the managed Google Play store.

    Automatically install apps: 
    With basic mobile management you can now automatically install apps on your users’ devices. Use our Help Center to find out how to manage app preferences. Note that preventing users from uninstalling apps, and some other advanced features, require advanced mobile management.

    Create web apps 
    You can now create and manage web apps in the Admin console. Web apps look like native apps and can make web pages easier to find and simpler to use on mobile devices. You can also distribute web apps the same way you distribute native apps–by adding them to collections in a managed Google Play store or automatically installing them on users’ devices.

    Create private apps 
    You can now create private Android apps directly from the Admin console. Simply upload the APK and give the app a title. The app will appear in the managed Google Play store within minutes. You can also install the app directly on your users’ devices (see above). Previously, it took several hours to create and publish an app, and you had to create a Play Console account, provide a credit card, and fill in many other fields before the app would be available to your users.


    The ‘Work Apps’ tab in the managed Google Play store has the G Suite apps and other apps whitelisted by admins. 

    Helpful links 


    Availability 

    Rollout details 

    G Suite editions:
    Available to all G Suite editions.

    On/off by default? 
    This feature will be OFF by default until app management is set up, and can be enabled at the domain, OU, or group level.

    Stay up to date with G Suite launches
  • Get G Suite product update alerts by email
  • See the G Suite launch release calendar
  • Subscribe to the RSS feed of these updates
  • Automatically provision users with three additional apps

    What’s changing 

    We’re adding auto-provisioning support for three new applications:
    • Boomi 
    • Keeper 
    • SpaceIQ 


    Who’s impacted 

    Admins only

    Why you’d use it 

    When auto-provisioning is enabled for a supported third-party application, any users created, modified, or deleted in G Suite are automatically added, edited, or deleted in the third-party application as well. This feature is highly popular with admins, as it removes the overhead of managing users across multiple third-party SaaS applications.

    How to get started 

    • Admins: For more information on how to set up auto-provisioning, check out the Help Center.
    • End users: No action needed.

    Helpful links 

    Help Center: Automated user provisioning 
    Help Center: Using SAML to set up federated SSO 

    Availability 

    Rollout details 

    G Suite editions 
    • G Suite Education, Business, and Enterprise customers can enable auto-provisioning for all supported applications 
    • G Suite Basic, Government, and Nonprofit customers can enable auto-provisioning for up to three applications 

    On/off by default? 
    This feature will be OFF by default and can be enabled at the OU level.
    Stay up to date with G Suite launches

    Five new third-party applications added to G Suite pre-integrated SAML apps catalog

    What’s changing 

    We’re adding SAML integration for five additional applications:
    • Carbonite 
    • ComponentSpace 
    • Emburse 
    • Sentry 
    • Twic 

    Use our Help Center to see the full list of SAML apps and find out how to configure SAML applications.

    Who’s impacted 

    Admins only

    Why you’d use it 

    With Single-Sign-On (SSO), users can access all of their enterprise cloud applications—including the Admin console for admins—after signing in just one time. Google supports the two most popular enterprise SSO standards, OpenID Connect and SAML, and there are already many applications with pre-integrated SSO support in our third-party apps catalog.

    How to get started 

    • Admins: You can find our full list of pre-integrated applications, as well as instructions for installing them, in the Help Center.
    • End users: No action needed.

    Additional details 

    Note that apart from the pre-integrated SAML applications, G Suite also supports installing “Custom SAML Applications,” which means that admins can install any third-party application that supports SAML. The advantage of a pre-integrated app is that the installation is much easier. Use out Help Center to learn more about installing Custom SAML Applications.

    Helpful links 

    Help Center: Using SAML to set up federated SSO 
    Help Center: Set up your own custom SAML applicationAvailability 

    Rollout details 

    G Suite editions 
    Available to all G Suite editions.
    On/off by default? 
    This feature will be OFF by default and can be enabled at the OU level.
    Stay up to date with G Suite launches

    Two new Hangouts Meet tools added to the Admin console

    What’s changing

    We’re launching two new features in the Admin console to help G Suite admins better understand and manage the usage of Hangouts Meet within their organizations. Specifically, we’re adding:

    • Meet quality tool: This tool gives quick and easy access to meeting information in your domain. With that information, you can better understand what happened in a meeting and what might have caused quality issues, significantly reducing troubleshooting time.

    • Hangouts Meet activity logs: Information about Meet usage and quality is now available to admins through Meet activity logs (in the Admin console under Reports > Audit > Hangouts Meet), enabling you both high level and detailed views on usage within your domain.

    Who’s impacted

    Admins only

    Why you’d use it

    Meet quality tool: Meet quality tool is designed to help you to troubleshoot your meetings. You can either look at one specific meeting or filter for a time frame, location, device or user. The data visible in Meet quality tool is available in the Hangouts Meet activity log (explained below) to enable further analysis.

    Hangouts Meet activity logs: Each time a device or a user leaves a call, an "Activity event" that summarizes usage and quality is generated. The event includes information about the endpoint (such as device type, location, IP, identifier, or call rating), its usage (such as time sharing their video, screen sharing or audio) and network statistics (such as jitter, packet loss, or RTT). Learn more about the data available in the Help Center.


    Hangouts Meet activity logs provides data to help better answer questions such as:
    • Is video conferencing transforming my organization (and if so, how)?
      • Which locations communicate actively and which locations are isolated?
      • How many minutes of video conference (VC) are run every day/week for different groups of people?
      • Does Meet help my organization work remotely?
      • Analyze Hangouts Meet Hardware usage. How does it change over time or location?
    • How is my network performing and what is the impact it has on video quality for my users?
      • How do users rate the quality of the calls on my domain? Does it vary over time or per location?
      • How much bandwidth does Meet use overall and at a specific location?

    How to get started


    • Admins
      • Meet quality tool: To use Meet quality tool you need to be a super admin or have the correct delegated admin privilege. Follow the instructions in the Help Center to learn more about Meet quality tool access delegation.
      • Hangouts Meet activity log: Visit the Admin console and go to Reports > Audit > Hangouts Meet. Here, you can export the data to your favorite analytical tool (using the Activity API or BigQuery for G Suite Enterprise customers) to answer specific questions you may have.

    Export the data using BigQuery


    • End users: No end user impact.

    Helpful links
    Help Center: Troubleshoot meeting quality
    Help Center: Hangouts Meet audit log

    Availability

    Rollout details

    • Rapid Release domains: Full rollout (1-3 days) starting on January 22, 2019
    • Scheduled Release domains: Full rollout (1-3 days) starting on January 22, 2019
    G Suite editions

    • Both the Meet quality tool and the Meet activity log are available to all G Suite editions.

    On/off by default?

    • This feature will be ON by default.

    Stay up to date with G Suite launches

    Moving Directory settings in the Admin console

    What’s changing 

    We’re changing where you’d find the Directory settings in the G Suite Admin console from the apps screen to the Directory section of the main menu.
    • You can now find the setting at: Admin Console > Menu   > Directory > Directory Settings 
    • The setting was previously at: Admin Console > Apps > G Suite > Directory 

    Directory settings will now be in the Admin console’s main menu


    Who’s impacted 

    Admins only

    Why you’d use it 

    You can use Directory settings to control your organization's global Directory and how your users can use Contacts. This includes what version of Google Contacts your users can use, how your users can edit their profiles in the global Directory, configuration of custom internal directories, and more.

    How to get started 



    Helpful links 

    Availability 

    Rollout details 
    G Suite editions 
    • Available to all G Suite editions 
    On/off by default? 
    • This feature will be ON by default.
    Stay up to date with G Suite launches
    Notice the new format for these launch announcements? Give us feedback on it here

    Improving the alert center with new alerts and controls

    What’s changing 

    We’re making some improvements to the alert center for G Suite. These include:
    • More Gmail phishing alerts 
    • New data export initiated alert 
    • New alert deletion option 
    • Link to audit logs for G Suite Business and Basic domains 

    Who’s impacted 

    Admins only. To use the alert center you need to be a super admin or an alert center delegated admin. 

    Why you’d use it 

    The alert center provides a single, comprehensive view of essential security-related notifications, alerts, and actions across G Suite. The improvements will help G Suite admins get more insights and manage their alerts:

    • More Gmail phishing alerts - Will notify you when malware or phishing is detected after an email has been delivered to user inboxes, helping you investigate and remove suspicious emails. 
    • New data export initiated alert - Will make sure you’re aware of data exports in your domains. 
    • Alert deletion option - Will let you delete alerts when they’ve been resolved or are no longer needed. 
    • Link to audit logs for G Suite Business and Basic domains - Will go to the specific portion of audit logs to help you more quickly dig into the details of an alert and find more information on past user activities related to this alert. 

    How to get started 




    Additional details 


    More Gmail phishing alerts - We’re leveraging machine learning to generate alerts on suspicious incoming mail in Gmail. The new alerts will notify admins when malware or phishing is detected after an email has been delivered to user inboxes. In these events, admins in G Suite Enterprise domains can proactively investigate the emails and if necessary, bulk remove suspicious emails from users’ inbox.

    New data export initiated alert - There’s also a new alert when a domain data export is initiated. This alert will let admins know when a data export activity has been initiated for the domain. This alert can help make sure admins are aware of this activity in their domains. See our Help Center for more information on domain data export alerts.

    Alert deletion option - You can now delete alerts as they have been resolved or are no longer needed. If needed, you can recover deleted alerts within 30 days of deletion.

    Link to audit logs for G Suite Business and Basic domains - To dig into the details of an alert, G Suite Business and Basic admins can use a link to go directly the specific portion of audit logs and look up more information on past user activities related to this alert. G Suite Enterprise admins have a direct link to the investigation tool, which is part of the security center for G Suite.


    New domain data export initiated alert



    New option to delete the alert



    Links to audit logs



    Helpful links 

    Help Center: Understand audit logs
    Help Center: About the alert center
    Help Center: Domain data export details

    Availability 

    Rollout details 
    G Suite editions
    • Available to all G Suite editions 
    On/off by default? 
    • These feature will be ON by default
    Stay up to date with G Suite launches


    Notice the new format for these launch announcements? Give us feedback on it here

    Automatically provision users with two additional apps

    What’s changing 

    We’re adding auto-provisioning support for two new applications:
    • monday 
    • Proxyclick 


    Who’s impacted 

    Admins only

    Why you’d use it 

    When auto-provisioning is enabled for a supported third-party application, any users created, modified, or deleted in G Suite are automatically added, edited, or deleted in the third-party application as well. This feature is highly popular with admins, as it removes the overhead of managing users across multiple third-party SaaS applications.

    How to get started 




    Helpful links 




    Availability 

    Rollout details 



    G Suite editions 

    • G Suite Education, Business, and Enterprise customers can enable auto-provisioning for all supported applications 
    • G Suite Basic, Government, and Nonprofit customers can enable auto-provisioning for up to three applications 


    On/off by default? 

    • This feature will be OFF by default and can be enabled at the OU level.

    Stay up to date with G Suite launches


    Notice the new format for these launch announcements? Give us feedback on it here

    Compare G Suite adoption and use between organizational units

    We’re adding the ability to view and filter G Suite reports by organizational unit (OU) in the Admin console and the Reports API. This information can make it easier to build more insightful reports and more complete audits.

    You could use this to:

    • Compare G Suite usage across OUs - You can drill down to see metrics such as drive storage, active users, and more at an OU level, helping you to measure and track G Suite usage in different areas of your organization. 
    • Improve your investigation efficiency - You can view Audit logs for a particular unit within the company, which can help filter out unrelated events and focus your investigation efforts. 


    View data by OU in the Admin console 

    To view a report or audit for a specific OU in the Admin console, filter using the left-hand menu. See our Help Center to learn more about account activity logs.


    View data by OU through the Reports API 

    When you use the Reports API, outputs will include OU information. You can use this to report on and analyze by OU. Find out more about how to use the Reports API.

    Launch Details 
    Release track:
    Launching to both Rapid Release and Scheduled Release 

    Editions: 
    Available to all G Suite editions

    Rollout pace: 
    Gradual rollout (up to 15 days for feature visibility)

    Impact: 
    Admins only

    Action: 
    Admin action suggested/FYI

    More Information 
    Help Center: Account activity reports 
    Get started with the Reports API



    Launch release calendar
    Launch detail categories
    Get these product update alerts by email
    Subscribe to the RSS feed of these updates