Google is rolling out stronger protections for high-risk Workspace account actions, the firm revealed in a blog post on Tuesday.
The said actions, when perpetrated by cyber criminals, can have “far reaching consequences for the account owner or the organization it belongs to,” added the company.
Disabling two-step verification, allowing an app to access Google data, changing the account recovery email address or phone number, downloading account data, and changing the name on the account make up the list of “sensitive actions” identified by Google.
"This added layer of security helps to intercept bad actors who have gained access to a user's account, further protecting their data and your organization's sensitive information," the company said. "Additionally, these challenge attempts will be logged as an audit event allowing for further admin investigation."
To enhance security, Google’s Workspace accounts now feature a “Verify it’s You” prompt to address suspicious account activity. Users are now required to provide an additional verification factor, such as a hardware-based or text-based multi-factor authentication (MFA) prompt, to ensure that a requested action is legit and warranted.
This added layer of security makes it easier to stall bad actors who have logged into a user's account. The perpetrators’ intrusion attempts are also logged as an audit event to aid preliminary investigation by administrators.
All Google Workspace customers, including legacy G Suite Basic and Business clients, have access to the new safety features. However, at the time of this writing, SAML users are not supported.
