Simple Google Workspace update could save you from cybersecurity disaster

(Image credit: Google)

Google Workspace customers, as well as legacy G Suite Basic and Business users, are all getting a new update that has the potential to prevent major cybersecurity disasters.

Google announced in a blog post that Workspace admins will benefit from new notifications every time “critical and sensitive” changes are made to their configurations.

As per the post, these “intelligent alerts” will closely monitor several sensitive actions, helping administrators keep their environments on a short leash, and eliminating potentially malicious actions as soon as they arise. 

Default protection

Administrators can expect to get an alert when the primary admin changes, when an SSO profile is added, updated or deleted, and when the password gets reset for super admins.

For each alert, Google further explained, both admins and super admins will get notified via email, detailing key information about the event that took place. 

The company plans to introduce alerts for additional high-risk actions over time, although it did not detail which actions those might be. 

The feature will be released gradually, Google confirmed, adding that it has started introducing it to users on June 28. 

If you’re unhappy about the fact that you’ll be getting even more email notifications now, tough luck, as Google says these are ON by default, and “cannot be turned off”.  End users should not be impacted by this change, in any way. 

Admin accounts are always in high demand among cybercriminals, as they allow free roam across the target infrastructure and endpoints. They also allow the ability to make any sort of change to the environment. 

Since the Covid-19 pandemic and the switch to remote working, remote collaboration suites such as Google Workspace have become extremely popular, and as such, extremely interesting for threat actors, making this a welcome cybersecurity addition. 

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.