Google Workspace admin accounts will now require two-step verification to access
Google has announced The company will enforce two-step verification (2SV) for administrative accounts in Google Workspace.
The requirement is already being enforced for some users, while others will follow suit. Super admins will be notified 30 days in advance via email and app notifications. If you don't set up 2SV within 30 days, users will be locked out of their accounts and will need to follow these steps: recovery procedure.
Google has also increased the number of dynamic groups for customers from 100 to 500. These are groups whose membership is automatically managed, based on criteria such as their location or department within an organization. Google believes this increase will help reduce the amount of manual management.
Securing customers
To justify the new authentication requirement, Google cites its own requirement research It shows that automatically enabling 2SV for more than 150 million users resulted in a 50% reduction in account compromises last year.
Google said the new requirement is part of its commitment to protect the “security of our users” and will “help customers protect against data compromise and prevent account takeovers.”
2SV adds a layer of protection to passwords, by ensuring that the person entering the password is a legitimate user, and not a threat actor who has managed to steal a user's credentials.
Meanwhile, the dynamic group expansion will be gradually rolled out to Rapid Release and Scheduled Release domains. It will be available to Google Workspace Frontline Standard, Enterprise Standard and Enterprise Plus, Education Standard and Education Plus, Enterprise Essentials Plus, and Cloud Identity Premium customers.
These new features follow other recent security updates for Google Workspace, such as the ability for administrators to create custom notifications to inform users why certain messages they are trying to send have been blocked. They can also include links to resources such as company guidelines for sending sensitive data, to give users more context.