Google wants to make it easier for IT admins to control who has access to their organisation’s G Suite, so it’s rolling out a few new features that should bolster the platform’s security.
The new features concentrate on simplifying access control, and it’s done that in three key ways.
The most notable new feature available to IT admins is the new central dashboard for managing all the desktops that are accessing a company’s G Suite. Rather than forcing employees to set-up agents or login to specific profiles on their Macs, PCs or Linux devices, IT admins will be able to manage the desktop devices that access their G Suite automatically as soon as a user logs in.
This feature is extremely simple and nothing too fancy; it’s essentially a list of every device connected to G Suite and which employee is using that device. That being said, this functionality is quite useful, as it allows IT admins to logout users when a device has been lost or stolen, protecting the company’s sensitive data.
Google also says that this new dashboard should make it easier to manage devices that are used by multiple people, as you can simply log out the previous user remotely, without having to physically access the device.
Automating security policies
While the central dashboard is great for those wanting to be involved in the day-to-day security of the company, for those who want to relax a little, the next two features will be the most interesting. That’s because they automate some of the tasks that previously required the action of an IT admin.
The first is context-aware access control, which is based on the zero trust security model and Google’s BeyondCorp implementation. This essentially works by assessing the exact circumstances of the person trying to access the company’s G Suite. If the username and password is correct, that’s great, but what if that person has had their details stolen through a phishing scam?
That’s where the context-aware access control comes in. It basically looks at everything from the user’s IP address, whether they’re accessing on a company device, their location, whether their device is even secure, etc, and then makes a decision as to whether or not to grant them access to G Suite or not. If your employee is based in London and yet the person trying to access G Suite is in Moscow on a device that’s never been seen before, then Google’s new context-aware access control can keep that person out.
Of course, that kind of access will likely be flagged up in the security analytics, which can now also be automated. Admins can create automated rules to remediate issues or send notifications to the alert centre, making it possible for teams of admins and analysts to collaborate on security investigations instantly based on alerts, and makes it easier to assess and manage threats with automated actions and improved tracking.
All these new features are rolling out to G Suite Enterprise customers over the next two weeks.