Protect your business with Google Workspace security functionalities

Google works actively to ensure that its users are well protected. Google’s environment is constantly improving and evolving. Every month, we see new tools and solutions in the Google Marketplace designed to make your work safer and more secure. Just because Google Workspace is secure doesn’t mean you don’t have to worry about keeping your environment safe.

Office tools with built in security

The package of office tools is built to meet the strictest requirements for security of industry such as finance, healthcare, education and more. Google regularly audits and verifies its products, for example for SOC 2, FISC, PCI DSS, ISO 27001, ISO 27017, ISO 27018, HIPAA, GXP, HITRUST CSF and many other security certificates

Google provides you with the option to have a layer upon layer of security so that your business stays compliant with the requirements of your industry.
Google also gives you full control over your own data and your domains settings. It’s up to you as your organisation’s dedicated admin to decide how many layers of security your business needs and then actually switch them on – Because Google won’t do it for you.

The good news is that your Google Workspace licence probably already includes all the features you need.
If not,feel free to contact us to get information on which plan would best suit your security needs.And then you might even realise that the fancy futuristic software you were planning to deploy next month won’t be needed at all as you’ll find the same features within Google Workspace.
All in all, knowledge is power, and we at Cloud Office truly believe that knowing some of the features Google Workspace offers might just save you a lot of headaches.

So let’s get to it:

Control the context of how users access your company data with Context-Aware Access

Using Context-Aware Access, you can create many layers of security by setting up very specific policies for gaining access to your company’s data. As the name would suggest, this security feature gives you control over which apps a user can access based on their context, such as whether their device complies with your IT policy.
You can set up these policies yourself based on attributes such as user identity, location, device security status, and IP address.

Some examples of added security policy could be:

• Allow access to apps only from company-issued devices.
• Allow access to Drive only if a user storage device is encrypted.
• Restrict access to apps from outside the corporate network.
• Allow access only from devices with latest version of the OS installed

You can also combine more than one use case into a policy. For example, you could create an access level that requires app access from devices that are company-owned, encrypted, and meet a minimum OS version.

Bring your own device(BYOD)

You want to introduce BYOD (Bring Your Own Device) policy to allow your team to work from anywhere. People would most likely have a real problem (and rightfully so) to allow you to have full control over their personal devices with endpoint management. Setting up Context-Aware Access will allow you to have full control over your company data without compromising your employees’ privacy.

Modernize your IT and strengthen security with Cloud Identity

In the cloud environment, the security perimeter has become dispersed and elastic, wrapped around each user and device. Moreover, ‘users’ no longer refers to simply employees, but also vendors, partners, contractors and customers. Each of these groups has its own requirements for access to different information and applications. In the ever-evolving ecosystem of users, apps, and devices, traditional identity and access management approaches aren’t sufficient anymore. These approaches were built for the on-premise world (think cumbersome VPNs, limited device access and inconvenient authentication), instead of today’s cloud-first world.

Cloud Identity is an Identity as a Service (IDaaS) solution that centrally manages users and groups. You can configure Cloud Identity to federate identities between Google and other identity providers, such as Active Directory and Azure Active Directory.
When you adopt Cloud Identity, you create a Cloud Identity account for each user and group. You can then use Identity and Access Management (IAM) to manage access to Google Cloud resources for each Cloud Identity account.

What can you do with Cloud Identity?

• Defend your organization with Google’s threat intelligence signals.
• Help protect your user accounts and company data with a wide variety of MFA (Multi-factor authentication) verification methods such as push notifications, Google Authenticator , and using your Android or iOS device as a security key.
• Take advantage of the Security Center, which provides analytics, actionable insights, and best practices
• Extend your on-premises directory to the cloud with Directory Sync
• Enable access to traditional apps and infrastructure with secure LDAP
• Automatically synchronize user information with HR systems of record.
• Improve your company’s device security posture on Android, iOS, and Windows devices using a unified console.
• Set up devices in minutes and keep your company data more secure. Enforce security policies, wipe company data, deploy apps, view reports, and export details. (Endpoint Management)
• Save employees time with one-click access to all of their work apps (SSO- Single Sign-On)
• Enable users to manage their own accounts on virtually any device, anywhere.

Cloud Identity is available as a stand-alone product with different pricing tiers based on which features you need. The great news for Workspace users is that all of the Cloud Identity features, as well as Context-Aware access, are already included in the Enterprise licence of Google Workspace. Other tiers provide you with some of them.

Choose the geographical location for your data with Data Regions.

There are many reasons why some industries are more concerned than others about where their data is actually stored in the world. Google has servers all around the Globe and as an administrator, you can store your covered data in a specific geographic location by using a data region policy. Your geographic location options are the United States or Europe.

Enterprise data regions policy option is included with an Enterprise Plus subscription. Fundamental data regions function is included with Business Standard, Business Plus, Enterprise Standard, and Frontline Edition.

If you’d like advice on which tier to choose, don’t hesitate to get in touch. At Cloud Office we’ll be happy to answer all the questions you might have.
We can also provide you with a thorough Security audit and Admin security training to make sure your Google Workspace is set up correctly.