Tag Archives: Scheduled Release

Restrict third-party API access to Google Workspace and end user data with new app access control

What’s changing 

You can now block all third-party API access to Google Workspace data with a new setting. This compliments other available OAuth settings which help you control which third-party & internal apps access Google Workspace data

When selected, all third-party apps are denied access to Workspace and end user data, blocking all OAuth 2.0 scopes. This also means that users cannot use their Google Workspace accounts to sign into third-party apps and websites. 

Who’s impacted 

Admins and end users

Why it’s important 

This new setting adds another layer of protection over your Workspace and end user data. Not every third party application has robust security measures in place or conforms to your security policy — by restricting third-party APIs from requesting sensitive information, such as login or email scopes, you can ensure your data and user data stays secure.

When all third party API access is blocked, an app will not be able to access any Workspace user date, across web and mobile. If users try to authorize an untrusted app, they’ll see an authorization error message. Admins can customize this error message if they choose.

Getting started 

Rollout pace 


Update design for the Admin console home page

Quick launch summary

We’re making some updates to the home page in the Admin console. You may notice: 
  • A new card-based interface which includes more information and links to provide quick access to common tasks. 
  • Expandable (or collapsible) cards for Users, Billing, and Domains, with quick links to common items in those areas. 
  • Reordered items to make it easier to find the most used sections and complete common tasks. 
We hope this design will make it quicker to navigate around the Admin console, easier to find items you need to manage, and simpler to understand how Google Workspace is deployed within your organization. 

The new admin console home page 

The old Admin console home page 

Getting started 

  • Admins: You’ll see the new interface when you log into the Admin console. Visit the Help Center to learn more about using the Admin console
  • End users: No end user impact. 

Rollout pace 

Availability 

  • Available to all Google Workspace customers, as well as G Suite Basic and Business customers 

Resources 

Customize notification frequency with more options in Google Chat and Chat in Gmail

What’s changing 

We’ve added more options for notification settings in Google Chat and Chat in Gmail. The new options affect push notifications on desktop and mobile, as well as notification badges on both the Chat and Gmail apps. You can set your notification preferences to:
  • Notify always: You’ll receive a notification for every message and new messages will be badged.
  • Notify less: You’ll receive notifications and badges for direct mentions, @all mentions, and followed threads. Additionally, there is an option to be notified about new threads in threaded rooms.
  • Notifications off: You will receive no notifications, but you’ll see a badge if you’re directly mentioned.

For existing Rooms, the notification setting may default to a state where you receive more notifications. To review and update your notification settings, simply select the three-dot overflow menu in each room.

Who’s impacted 

End users 

Why you’d use it 

These additional notification settings give you more control over the amount of notifications you’ll receive based on your level of engagement or involvement in specific conversations. We hope that by giving the ability you adjust your notifications as needed, you can stay on top of need-to-know conversations without being overwhelmed by notifications.

Getting started 

  • Admins: There is no admin control for this feature. We recommend that you familiarize yourself with the changes outlined in these Help Center articles and let your users know about the changes they can expect: 
  • End users: 
    • Visit the Help Center to learn more about turning notifications on or off in Gmail and Chat.
    • Make sure your Gmail and Google Chat apps are updated to the latest versions of the respective apps.

Rollout pace

Availability 

  • Available to all Google Workspace customers, as well as G Suite Basic and Business customers


Resources 


Find files shared with you using updated search operators in Google Drive

What’s changing

We’re updating how some search operators work in Google Drive to make finding shared files easier. This includes adding new search operators and changing the behavior of some existing search operators. You’ll still be able to perform all the same searches, just the operators you’ll use for them may change. The specific changes are:
  • “from:” will now return files shared with you by the specified email address. Previously, it would have returned files owned by that email address.
  • “to:” will now return files that you have shared with the specified email address. Previously, it would have returned all files that the email address had permissions to view, comment, or edit.
  • “sharedwith:” is a new search operator which will return files that the specified email address owns or has permission to view, comment or edit.
  • “owner:” returns files owned by the specified email address. There is no change to this operator, but you can use it to return the results you would previously have used the “from:” operator for.


Who’s impacted

End users, and developers

Why you’d use it

We’ve heard that finding files in Google Drive can be difficult because there are so many ways to remember a file: by its type, by its title, by who owns it, and more. We’ve added a number of features to help finding files, including an intelligent search box for Google Drive on the web, mobile search improvements, file suggestions in Chrome, and much more.

In addition, we know how important it is to be able to easily find files shared with others while collaborating in Google Workspace. Our user research suggests that this is actually one of the most memorable aspects to use when finding a file. These updates to our search operators will enable more specific searches to find files shared with you and by you, and will help you find those files more quickly using more memorable details about the file.




Additional details

  • Searches for from: and to: will not return files that were shared prior to February 2021.
  • Vault admins have been notified separately about their changes.

Getting started

  • Admins: There is no admin control for this feature.
  • End users: The updates to search operator behavior will take place by default. Visit the Help Center to learn more about advanced search features in Google Drive.

Rollout pace

Availability

  • Available to all Google Workspace customers, and G Suite Basic and Business customers.

Resources

Additional language support for live captions in Google Meet on Android and iOS devices

Quick launch summary 

Users in APAC and Europe can now enable live captions in the following languages in Google Meet on mobile devices: 
  • French 
  • German 
  • Portuguese 
  • Spanish (Spain and Latin America) 
Live captions can help users easily participate in meetings who may speak a different primary language, are in loud noisy environments, are deaf or hard of hearing, or have other disabilities that make listening difficult.


Getting started

  • Admins: No action required
  • End users: Visit the Help Center to learn more about using captions in Meet. Note: your language preference will be saved for future meetings.

Rollout pace


Availability

  • Available to all Google Workspace customers, as well as G Suite Basic and Business customers. 
  • Available to users with personal Google Accounts

Resources


Automate unmanaged account onboarding with the User Invitation API beta

What’s changing


We’re adding a User Invitation API to the Cloud Identity API. This new API allows you to identify and manage unmanaged accounts

Unmanaged accounts are users with consumer Google accounts that share your organization's email address. The API will enable you to manage these accounts at scale, and automate sending of invites to these users to transfer their account to a managed state. to a managed state. 

The User Invitation API is initially available as an open beta, which means you can use it without enrolling in a specific beta program. See our documentation to learn more about how to use the API


Who’s impacted 

Admins 


Why you’d use it 

Unmanaged accounts occur when a user registers for a personal Google account using an email address that matches your domain. These accounts generally exist because a user has previously signed up for a personal Google Account using their work or educational email address. 

If your organization then signs up for Google Workspace or Cloud Identity and attempts to provision a managed account with the same primary email address, the conflict needs to be resolved. 

Previously, you could only manage these existing accounts via the Admin console. The User Invitation API provides another option which can help automate resolution of these conflicts, and can make it easier to manage these conflicts at scale. 


Getting started 

Rollout pace 

  • This feature is available now for all users in beta. 

Availability 

  • Available to all Google Workspace customers, G Suite Basic and Business customers, and Cloud Identity customers 

Resources 

Login related audit events are now located in a single location in the Admin console

What’s changing 

We’ve consolidated all login related audit events to a single location within the Workspace Admin Console under Reports > Audit Log > Login. Here, you can find information on the following events: 
  • Two step verification enrollment or disablement, 
  • Advanced protection enrollment or disablement, 
  • Password changes, 
  • Recovery question changes, 
  • Recovery phone changes, 
  • Recovery email changes, 
  • Out of domain email forwarding enablement.

Who’s impacted 

Admins 

Why it’s important 

We hope that by displaying this information in a single location, Admins will have greater visibility into critical actions carried out by their users on their own accounts, without having to switch between multiple places in the Admin console. 

Additional details 

You can also use the Reports API to view information on login events. Use the Google Workspace Developer Guide to learn more about getting started with the Reports API and using the Login Activity Report

Enterprise plus and Education Plus Super Admins can also use the security investigation tool (Admin console > Security > Investigation Tool > User Log Events) to view more detailed information and take action on suspicious login activity.


Getting started 


Rollout pace 


Availability 

  • Available to all Google Workspace customers, as well as G Suite Basic and Business customers

Resources 

Snooze Google Calendar desktop notifications

Quick launch summary

You can now snooze Google Calendar desktop notifications directly from the notification itself. A top user request, this should make it less likely that you miss meetings or show up late. By default, snoozed notifications will reappear one minute before the scheduled meeting; you can change this timing in your Calendar settings. You can also “re-snooze” a notification for an additional five minutes as many times you’d like, until the meeting ends.

You can now snooze Google Calendar desktop notifications—directly from this notification.


A few things to keep in mind:
  • You must have desktop notifications enabled and Calendar open in a tab to see notifications on your desktop.
  • You can only snooze notifications on Chrome browsers.
  • Users with desktop notifications enabled may see the promo below in the coming weeks.
Users with Calendar desktop notifications enabled may see this one-time promo in the coming weeks.


Getting started

  • Admins: There is no admin control for this feature.
  • End users: This feature will be ON by default if you have desktop notifications enabled. You cannot remove the option to snooze notifications, but you can change the timing of snoozed notifications. Visit the Help Center to learn more about changing and turning off Calendar notifications.
You can change the timing of snoozed notifications in your Calendar notifications settings menu.


Rollout pace

Availability

  • Available to all Google Workspace customers, as well as G Suite Basic and Business customers

Resources

New ways to keep track of important notifications in Google Drive on mobile

What’s changing 

We’re introducing a new way to view and manage notifications in the Google Drive mobile app for Android. The new update lets you view your most important tasks -- all from within Drive. With this update you can: 
  • See all your notifications in one place, even without device notifications enabled 
  • Choose filters to control the types of notifications you get 
  • Delete and dismiss notifications you don’t want 
  • Take actions like share files directly from notifications 
  • Show more file information directly from the notification 


Who’s impacted 

End users 


Why it’s important 

Today, many people rely on email to keep track of important activity on their files in Google Workspace. At times, this may include searching your inbox, setting up filters, or addressing unrelated and urgent emails. The Drive notifications center saves time finding your most important notifications and makes it easier to keep track of things to do from within Google Drive. 

The updated notifications center can be accessed by going to Priority or Home 


Getting started 

  • Admins: There is no admin control for this feature. 
  • End users: Open the Google Drive app, navigate to “Priority” (or “Home” if you’re not a Google Workspace customer) and find the “Notifications” tab on the top part of the screen. All available notifications will be here, even if you don’t opt-in to device notifications. Use our Help Center to learn more about Google Drive notifications

Rollout pace 

Availability 

  • Available to all users with Google Drive Android v.2021.08 or newer. 

Resources 

New recommended DLP rules help protect sensitive data

What’s changing 

To help our customers more easily implement security controls, we will start providing recommended data loss prevention (DLP) rules personalized for your organization. These recommendations are based on the results of your data protection insights report and any rules you’ve already implemented, and will be surfaced in the admin console. 

Each rule that DLP recommends is a fully realized, ready-to-use rule that is preconfigured to warn users on sharing sensitive data. You can use the rules as they are, or edit the rules to customize them for your organization. The rules will only be enforced when you choose to activate them. 


Who’s impacted 

Admins 


Why it’s important 

Protecting your company’s confidential data is critical. DLP rules can give you control over what users can share, and helps prevent the unintended exposure of sensitive information. Your data protection insights report can help identify priority areas to address, but creating, testing, and implementing rules can be time consuming. 

By generating fully realized, ready-to-use rules recommended based on your organization’s specific situation, we aim to make it easier to add controls and help protect sensitive information within your organization. 

The DLP rule performance charts can help you understand rule performance so you can make any necessary adjustments, and help identify where additional investigation is needed, with one-click integration to the investigation tool where available. 

See recommended rules at Admin console > Security > Data protection 

Getting started 

  • Admins: 
    • To see the recommended rules, go to Admin Console > Security > Data Protection. To view the data protection insights report you must be a DLP admin or an admin that received an email invitation to view the report. 
    • Rule suggestions will be enabled by default for all organizations with data protection insights report, but rules will not be enforced unless you choose to activate them. Recommended rules will not be available if data protection insights reports are turned off. 
    • Visit our Help Center to learn more about how to prevent data leaks with DLP recommended rules
  • End users: No end user impact. 

Rollout pace 

Availability 

  • Available to Google Workspace Enterprise Standard and Enterprise Plus customers. 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Education Plus, and Nonprofits, as well as G Suite Basic and Business customers