Stronger protection for sensitive Google Workspace account actions

27/09/2022

Agenda

What’s changing

We’re introducing stronger safeguards for sensitive actions taken in your Google Workspace account. These apply to actions that, when done by hijackers, can have far reaching consequences for the account owner or the organization it belongs to.

Google will evaluate the session attempting the action, and if it’s deemed risky, it will be challenged with a “Verify it’s You” prompt. Through a second and trusted factor, such as a 2-step verification code, users can confirm the validity of the action. For example, if a malicious actor gains access to your account and attempts to change the name on your account, the action will be blocked until the true account owner can verify that this was intentional.

Stronger protection for sensitive Google Workspace account actions Lưu ý rằng tính năng này chỉ hỗ trợ người dùng sử dụng Google làm nhà cung cấp danh tính của họ và các hành động được thực hiện trong các sản phẩm của Google. Người dùng SAML không được hỗ trợ tại thời điểm này.

Who’s impacted

Admins and end users

Why it’s important

This added layer of security helps to intercept bad actors who have gained access to a user's account, further protecting their data and your organization's sensitive information. Additionally, these challenge attempts will be logged as an audit event allowing for further admin investigation.

Additional details

In the Admin console under Users > “UserName” > Security, admins can toggle login challenges OFF for ten minutes if a user gets stuck behind a "verify it's you prompt". We strongly recommend only using this option if contact with the user is credibly established, such as via a video call.

Getting started

Admins: Visit the Help Center to learn more about Admin log events, verifying a users identity, and temporarily turning off the login challenges.
End users: There is no end user setting for this feature, you'll see "Verify you" challenges if an account action is deemed risky.