Stronger protection for sensitive Google Workspace account actions

27/09/2022

Agenda

What’s changing

We’re introducing stronger safeguards for sensitive actions taken in your Google Workspace account. These apply to actions that, when done by hijackers, can have far reaching consequences for the account owner or the organization it belongs to.

Google will evaluate the session attempting the action, and if it’s deemed risky, it will be challenged with a “Verify it’s You” prompt. Through a second and trusted factor, such as a 2-step verification code, users can confirm the validity of the action. For example, if a malicious actor gains access to your account and attempts to change the name on your account, the action will be blocked until the true account owner can verify that this was intentional.

Stronger protection for sensitive Google Workspace account actions Note that this feature only supports users who use Google as their identity provider and actions taken within Google products. SAML users are not supported at this time.

Who’s impacted

Admins and end users

Why it’s important

This added layer of security helps to intercept bad actors who have gained access to a user's account, further protecting their data and your organization's sensitive information. Additionally, these challenge attempts will be logged as an audit event allowing for further admin investigation.

Additional details

In the Admin console under Users > “UserName” > Security, admins can toggle login challenges OFF for ten minutes if a user gets stuck behind a "verify it's you prompt". We strongly recommend only using this option if contact with the user is credibly established, such as via a video call.

Getting started

Admins: Visit the Help Center to learn more about Admin log events, verifying a users identity, and temporarily turning off the login challenges.
End users: There is no end user setting for this feature, you'll see "Verify you" challenges if an account action is deemed risky.