Admins can now enable content sharing on personal Workspace accounts while preventing data sharing from corporate Workspace accounts on iOS devices.
Additionally, admins can now prevent data sharing from unknown sources (typically non-Google Workspace apps) to personal Workspace accounts on Gmail, Drive, Docs, Sheets, Chat, and more, by setting a managed configuration.
The {customer_id} is a unique customer ID that’s assigned to your account. You can find it in your Admin console at Account > Account settings > Profile.
Getting started
Admins: Blocking sending of work data to personal apps, including all non-Google Workspace apps on the iOS share sheet, will be OFF by default and can be enabled at the OU level. These settings can be configured in the Admin console under Devices > Mobile and endpoints > iOS settings > Data Sharing. Visit the Help Center to learn more about data protection on iOS devices. Use this article in our Help Center to learn more about how to set up the managed configuration, go to set up iOS apps with managed configurations.
End users: Sharing of data between Google Workspace apps and non-Google Workspace apps depends on your admin configuration. If you’re unable to share data between apps, you may see a warning message. Visit the Help Center to learn more about how your iOS device is managed.
Earlier this year, we introduced a series of space management capabilities for Workspace admins in the Google Chat API via the Google Workspace Developer Preview Program. These API features are now generally available for all Google Workspace customers and developers.
Using these features, admins can easily perform a variety of space management related tasks at scale. This includes membership management, like adding and removing members, onboarding and offboarding users from spaces, cleaning up inactive spaces, and more.
These features are also available when using the Google Apps Manager (GAM), an open source command-line tool that helps administrators to perform bulk operations associated with various aspects of their Google Workspace. The tool can be used to automate space management tasks with command-line scripts, helping to reduce admin overhead and potential errors when using APIs. See this article in our Help Center for more information on using a third-party tool for mass provisioning.
Who’s impacted
Admins and developers
Why you’d use it
In 2023, we launched the Space Management tool, which allowed admins to view all the spaces within their organization, understand the activity within those spaces, and perform essential actions like deleting a space or assigning space managers. While finding the tool helpful to perform one-off tasks, admins expressed a desire for tools to perform these tasks at scale, for example, with the help of APIs. Admins can now use the Chat API to find information and manage spaces in their organization in bulk or programmatically. Specifically they can:
Find and delete inactive spaces: Using spaces.search, you can find spaces that haven’t been used since a specified date and time and then delete them.
Onboard and offboard users: Automatically add new users to relevant spaces and remove them from spaces when they leave or change roles.
Audit external members: Monitor and control access to your organization's data by identifying and removing external members from sensitive conversations.
Lookup and update space details: Easily manage space information like names, descriptions, and guidelines.
Verify user membership and upgrade roles: Manage user access and roles within spaces.
And more — please refer to our developer guidance for even more information.
When Google Cloud Directory Sync (GCDS) attempts to create new users, it may encounter unmanaged accounts that conflict with the accounts it’s attempting to create. In these instances, GCDS will now comply with the conflicting accounts management settings specified in the Admin console. This update helps reduce the time spent migrating user accounts to business accounts, helping to accelerate the adoption of Google Workspace and Google Cloud. Visit the Help Center for specific information on how GCDS will handle conflicting accounts based on your configured settings.
Getting started
Admins:
Google Cloud Directory Sync will automatically respect your existing Admin console settings for handling conflicting unmanaged accounts. We do not recommend turning this feature off in GCDS, rather you should configure these settings as you see fit in the Admin console. Visit the Help Center to learn more about handling conflicting unmanaged accounts with Google Cloud Directory Sync, as well as unmanaged accounts in general.
End users: Depending on your admin configuration:
You’ll be invited to transfer your account — if accepted, your admin will have the ability to manage your account.
If you do not accept the request, your admin may replace your unmanaged account with a managed one. In that case, you’ll receive a new @gmail.com address and retain your content in this unmanaged, personal Google account.
To help our customers continue to understand and measure the carbon intensity of their cloud computing, we have partnered with Electricity Maps to provide hourly emissions data within the Carbon Footprint report. Since we launched the Google Workspace Carbon Footprint report at Cloud Next 2023, we have continued our collaboration with Electricity Maps to further help users understand their emissions. Directly within the Admin console, admins can track the carbon footprint and emissions of using Google Workspace, down to specific tools such as Google Meet, Gmail, Google Docs, and more.
We’ve also added a new admin role for accessing Carbon Footprint reports. Previously, only Workspace admins with reporting privileges had access to the carbon footprint dashboard. However, we know our customers have specialists, such as a dedicated Sustainability team, who rely on this information to inform their work. Now, admins can grant access to the Workspace Carbon Footprint report to select users by creating a custom role.
Who’s impacted
Admins
Why it’s important
Cloud computing has immense significance for powering global business operations and innovation. But, in a world facing the accelerating impacts of climate change, it is increasingly important to keep an eye on its environmental impact. The dynamic and global nature of cloud computing creates challenges for precisely measuring its emissions and requires granular data that captures the carbon emissions of electricity at every hour in locations around the world. Partnering with Electricity Maps gives our customers a way to monitor their cloud emissions over time by product — giving IT teams and developers the high quality metrics they need to monitor, improve, and reduce their carbon emissions.
Electricity Maps gathers real-time and historical power generation and power exchange data from multiple sources around the globe, calculating the hourly consumption mix available on the grid and its carbon intensity. Electricity Maps follows a highly granular approach, combined with a transparent and scientific methodology and a strict collective vetting process of their open-source community. This guarantees high-quality and trustworthy data that aligns with Google’s ambition for a realistic and science-backed perspective on climate impact. For maximum transparency, emissions can be viewed on either location-based or market-based Scope 2 accounting standards. Location-based emissions show the emissions linked to the actual electricity used for the operations, whereas the market-based emissions represent emissions from the purchased electricity, including Google’s annual renewable energy purchases. More information about the methodology behind Google’s Workspace and Cloud Carbon Footprints can be found here.
Additional details
More about Google's sustainability commitments
In 2020, we set a goal to run on 24/7 carbon-free energy—every hour of every day on every grid where we operate—by 2030. We continue to make product and operational improvements to reduce environmental impact and we're sharing technology, methods, and funding to enable organizations around the world to transition to more carbon-free and sustainable systems — see here for more information about our sustainability commitments.
Google uses the Greenhouse Gas Protocol, the global standard for carbon accounting to generate the Workspace Carbon Footprint reports. We recommend that admins familiarize themselves with the GHG terminology — you can find more information in our Help Center or the video below.
Getting started
Admins: You can find your Carbon Footprint report in the Admin console under Reporting > Carbon footprint. Visit the Help Center to learn more about the Workspace Carbon Footprint.
Earlier this year, we announced multi-party approvals for sensitive actions taken in the admin console, specifically requiring one admin to approve actions taken by another. At launch, these protections applied to several settings, including 2-step verification, account recovery, and more.
Today, we’re expanding multi-party approvals to include domain-wide-delegation. Domain-wide-delegation is a powerful feature which allows admins to grant third-party applications permission to access your Workspace users’ data. Bringing this feature under the umbrella of multi-party-approvals helps mitigate the risk of data exfiltration by internal bad actors or if admin credentials have been compromised.
Overall, multi-party-approvals help ensure no sensitive action happens in a silo and, most importantly, helps prevent unauthorized or accidental changes from being made. This added layer of approval helps ensure actions are being taken appropriately and not too broadly or too often. For more information, see our original announcement.
When domain-wide-delegation changes are attempted, admins will be required to submit the change to a super admin for approval.
Super admins can review and take action on these requests in the Admin console by navigating to Security > Multi-party approval. Super admins will also receive email alerts when a change is requested or any other protected action is attempted.
Getting started
Admins: The multi-party approvals feature is available for eligible Workspace customers with two or more super admin accounts. Multi-party approvals are OFF by default and can be turned on in the Admin console by going to Security > Multi-party approval settings. Visit the Help Center to learn more about multi-party approvals for sensitive actions.
As we continue to make improvements for managing Meet Hardware fleets, we’re pleased to announce eighteen additional filters in the Admin console, which include:
The new filters can be added as chips to filter the device table:
From Menu > Devices > Google Meet hardware > Devices, select “Add a filter”. Any filters you select will be added to the URL so you can save the link or share it with others.
New data columns have been added that enable you to view additional device info at a glance, which include:
Boot mode
Camera
Camera home position
Chrome version
Content camera
Controller
Device ID
Display
End of Meet support
Enrollment date
Microphone
Noise cancellation
Notes
Operating system version
Primary framing strategy
Volume
Speaker
From Menu > Devices > Google Meet hardware > Devices, select the gear icon to add columns. Any columns you select will be added to the URL so you can save the link or share it with others.
Increasing the number of searchable fields makes it easier and faster to find specific groups of devices, which is particularly helpful when managing a large fleet of devices. Quickly finding groups of devices allows you to save time and resources managing and troubleshooting your devices.
We're introducing a new setting that enables education admins to restrict which users can create and manage members in Google Chat conversations.
This can be useful for admins who want to prevent groups of students from initiating or adding users to a conversation.
Who’s impacted
Admins and end users
Why it’s important
This is a highly-requested feature that restricts the creation of unsupervised activity among K-12 students and helps provide a safer and easier way for teachers to communicate with students.
Getting started
Admins:
To restrict users from accessing features in Chat, go to the Admin console > Apps > Google Workspace > Google Chat > click the Chat and Space restrictions setting > Inside the Google Chat box, search for the group of users you'd like to apply Chat restrictions to > check the box for Restrict creating direct messages, group messages, and spaces > hit Save.
Note: groups can be restricted at the group level only.
We’re pleased to announce a new set of features to help you conduct deeper analysis and more flexible issue detection within your Google Meet hardware fleet:
First, Meet hardware log events are now captured in the security investigation tool. Within the tool, you’ll be able to view historical events for your devices and create customized alerts. You can also click out to Meet hardware log events from individual device pages (Devices > Google Meet Devices > [Device Name]), allowing you to find information on specific devices even faster.
Meet hardware logs in the security and investigation tool
Secondly, through integration with BigQuery, Meet hardware logs can be imported from the security investigation tool to be analyzed at scale. This is a powerful new tool that can be used to build customized views of your historical data across your entire hardware fleet. For example, you can use this data to identify which devices are the most used across your organization, which devices are experiencing the most issues within a specific timeframe, and more.
Specifically, you’ll be able to filter by the following details:
Previously, the interoperability settings that allow Calendar users to see availability of colleagues using Outlook and vice-versa were split between two separate locations: in the Admin console and from https://calendar.google.com/Exchange/tools. Going forward, all interoperability settings will be housed in the Admin console at Apps > Google Workspace > Settings for Calendar > Calendar Interop management. This will make it easier for admins to view and manage their interop setups.
“Take notes for me,” an AI-powered feature in Google Meet that automatically takes notes during your meetings, will be rolling out soon. Prior to end user availability, admins can now configure whether their users can use this Google AI note-taking feature with a new Admin console setting. This setting can be configured in the Admin console by going to Apps > Google Workspace > Google Meet > Gemini Settings.
Apps > Google Workspace > Google Meet > Gemini Settings > Google AI note-taking
Similar to Meet transcripts Admin settings, this control gives admins more flexibility to test the feature within specific Organizational units (OUs) or Groups before deploying the feature more broadly within their organization.
“Take notes for me” is available for customers who have a Gemini Enterprise, Gemini Education Premium, or AI Meetings and Messaging add-on. Only users who are assigned one of these licenses will be able to use the note-taking feature.
We’ll provide more information and timing on end user availability about “Take notes for me” in the coming weeks here on the Workspace Updates blog.
Additional details
Notes documents will be stored in the meeting owner’s drive folder and will follow the Meet retention policy that your organization has configured. If you are currently testing this feature in Workspace Labs and Alpha, your experience will change from respecting the Drive retention policy to respecting the Meet retention policy.
Getting started
Admins: Take notes for me will be ON by default and can be configured at the OU and Group level in the Admin console by going to Apps > Google Workspace > Google Meet > Gemini Settings > Google AI note-taking. If you want all of your users to receive the feature at once, you may want to consider turning this setting OFF and then after rollout switching it to ON.
Rollout pace
Rapid and Scheduled Release domains: Gradual rollout of the admin setting (up to 15 days for feature visibility) starting on August 13, 2024 with expected completion on August 21, 2024
Availability
Available for Google Workspace customers with the: