Use a new enterprise certificate condition to set context-aware access rules for company-managed devices

Quick launch summary 

When configuring context-aware access rules, you can now use a new signal to determine whether a device is company-owned. By using new enterprise certificates as an alternative context-aware signal to determine if a device is a company-managed asset, you can set more specific context-aware policies that are appropriate based on the trustworthiness of the device. 
admin console screen to configure context-aware access rules
The Admin console screen to configure context-aware access rules using enterprise certificate condition

Getting started 

Rollout pace 

  • This feature is now available for all eligible users. 


  • Available to Google Workspace Enterprise Standard, Enterprise Plus, Education Standard, Education Plus, and Cloud Identity Premium customers 
  • Not available to Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as G Suite Basic and Business, and Cloud Identity Free customers