The CEO of your company heard about new security and collaboration features and wants to know how to stay up to date. You are responsible for testing and staying up to date with new features, and have been asked to prepare a presentation for management.
What should you do?
Subscribe to the Google Workspace Release Calendar:
Go to the Google Workspace Updates blog at https://workspaceupdates.googleblog.com/.
Click on 'Subscribe to updates' to get real-time notifications about new features, updates, and changes in Google Workspace.
This will ensure you and your team are informed about the latest security and collaboration features as they are announced.
Join the Google Cloud Connect Community:
Visit the Google Cloud Connect Community at https://cloudconnectcommunity.google/.
Join the community to engage with other Google Workspace administrators and users.
Participate in discussions, ask questions, and stay informed about best practices, upcoming features, and insights directly from Google Workspace experts and peers.
Your company wants to provide secure access for its employees. The Chief Information Security Officer disabled peripheral access to devices, but wants to enable 2-Step verification. You need to provide secure access to the applications using Google Workspace.
What should you do?
2-Step Verification (2SV):
2-Step Verification adds an extra layer of security by requiring users to verify their identity using a second factor in addition to their password. This helps protect against unauthorized access, even if the password is compromised.
Google Authenticator:
Google Authenticator is a mobile app that generates time-based one-time passcodes (TOTP) for 2SV. It works even when the device is offline, providing a secure and reliable second factor for authentication.
Implementation Steps:
Enable 2-Step Verification:
Go to the Google Admin console (admin.google.com).
Navigate to Security > Authentication > 2-Step Verification.
Turn on 2-Step Verification for the organization.
Deploy Google Authenticator:
Instruct users to download the Google Authenticator app from their respective app stores (iOS or Android).
Provide guidance on setting up Google Authenticator with their Google Workspace accounts.
Users will scan a QR code provided during the setup process to link their account with the Authenticator app.
Advantages of Google Authenticator:
Security: It provides a highly secure method of 2-step verification as the codes are generated on the user's device and change every 30 seconds.
Ease of Use: It's easy to set up and use, with a straightforward user interface.
Offline Functionality: Codes can be generated even without internet access, ensuring consistent access to 2SV codes.
Why Other Options Are Less Suitable:
A . Enable additional security verification via email:
Email-based verification is less secure than app-based 2SV because email accounts can be more easily compromised.
C . Deploy browser or device certificates via Google Workspace:
While device certificates add security, they are typically used for device management and access control rather than for 2-step verification purposes.
D . Configure USB Yubikeys for all users:
USB Yubikeys are highly secure and suitable for 2SV, but they require physical distribution and management of hardware tokens, which can be logistically complex and costly. Given the context of disabled peripheral access, this option might contradict the policy of the Chief Information Security Officer.
Google Workspace Admin Help: Set up 2-Step Verification
Google Workspace Security: 2-Step Verification
A large enterprise that had a security breach is working with an external legal team to determine best practices for an investigation. Using Google Vault, the security team is tasked with exporting data for review by the legal team. What steps should you take to securely share the data in question?
To securely share data using Google Vault for an investigation:
Suspend the user's account to prevent further changes to their data.
Use Google Vault to search for all associated user data relevant to the investigation.
Export the data securely from Google Vault. These steps ensure that the data remains intact and secure throughout the investigation process.
Google Workspace Admin Help - Export data from Google Vault
Google Workspace Admin Help - Manage user accounts
Your-company.com recently started using Google Workspace. The CIO is happy with the deployment, but received notifications that some employees have issues with consumer Google accounts (conflict accounts). You want to put a plan in place to address this concern.
What should you do?
Access the Transfer Tool:
In the Google Workspace Admin console, navigate to 'Users' > 'Transfer tool for unmanaged users'.
Identify Conflict Accounts:
Use the tool to search for unmanaged users (conflict accounts) that have email addresses matching your company domain.
Send Transfer Requests:
Send transfer requests to the identified unmanaged users, asking them to transfer their accounts to your Google Workspace domain.
Complete the Transfer:
Guide the users through the transfer process to ensure their accounts are moved to the managed Google Workspace environment.
Verify the transfer completion and resolve any remaining conflicts.
Google Workspace Admin Help: Transfer tool for unmanaged users
Your organization has been using Google Workspace for almost a year, and your annual security and risk assessment initiative is approaching in preparation for the risk assessment you want to quickly review all the security-related settings for Gmail, Drive and Calendar and identify the ones that may be posing risk What should you do?
Access Admin Console: Log in to the Google Admin console using your administrator account.
Navigate to Security Health Page: In the Admin console, go to the Security section and select Security health. This page provides a comprehensive overview of your organization's security settings.
Review Security Settings: The Security health page lists various security settings for Gmail, Drive, and Calendar. It highlights settings that might pose a risk and provides recommendations for improvement.
Identify and Mitigate Risks: Carefully review the highlighted settings. Follow the recommendations to enhance your organization's security posture. This ensures that any potential risks are identified and mitigated promptly.
Google Workspace Admin Help: Security health
Google Workspace Security Best Practices