IT and security admins who operate in the cloud require tools, visibility and insights to stop threats or gaps in operations before they become security incidents. These tools are only effective at stopping threats if they are correctly deployed, managed and monitored.
G Suite Enterprise Security Centre aims to give IT admins and Security Operations teams simpler ways to manage access, control devices, ensure compliance and keep data secure, by actively watching for threats and anomalies or possible data compromises in your G Suite environment.
The unified security dashboard allows you to gather and review insights into the security posture for your enterprise and other metrics to demonstrate your security effectiveness in a comprehensive dashboard accessible through the browser.
Some of the ways you can secure your organisation with G Suite include:
Use this to identify any unusual spikes in activity that could indicate a malicious incident. Monitor and detect if spam and malware is targeting users.
Identify and use bulk deletion functionality to remove any instances of such messages within the environment.
Configure security checks on automatic email forwarding, DMARC settings, POP/IMAP access and whitelists.
Highlighting unusual activity such as account logon attempts that keep failing, may indicate a compromised account or malicious access attempt. Identify new apps being used for authorisations that are granted with Gmail accounts using OAuth.
If you need to conduct an organisation-wide investigation use searches across multiple data sources such as Gmail, Drive and Device logs to gather evidence.
Examine file sharing to spot and stop potential data exfiltration, identify which files have been shared outside of your organisation, or have triggered DLP rules.
Ensure you apply policies for file sharing, Drive add-ons, offline availability and stringent sign-in requirements.
Review group sharing options and evaluate public groups on a case-by-case basis.
Suspend accounts or remotely wipe devices that are compromised or running a vulnerable OS version.