Explained: How this Google Workspace update can save admins from “cybersecurity disaster” – Times of India

The ongoing Covid-19 pandemic has forced several organisations to switch to remote working setups which have helped collaboration tools like Google Workspace to become more popular amongst the workers. However, the increased usage of the platform has caught the attention of malicious actors making it prone to more cyberattacks. According to a new report by TechRadar, Google Workspace users including G Suite Basic and Business users are now receiving a new update that can prevent “major cybersecurity disasters.” The report mentions that Google has updated its blog post to announce that Workspace admins will benefit from the new notification system, every time someone attempts to make “critical and sensitive changes to their configurations.” Moreover, Google has also confirmed that it has already started rolling out the Workspace update and will gradually reach every user.
How will the new notification system work
As per the report, Google has explained that these “intelligent alerts” will thoroughly scrutinise multiple sensitive actions that will help administrators closely monitor their environments and they will be able to deal with “potentially malicious actions” immediately after it surfaces.
The report also mentions that Administrators are expected to be notified in certain cases which include — changing primary admin, adding, updating or deleting an SSO profile and even when the password for super admins get reset.
Moreover, Google has also confirmed that both admins and super admins will be receiving email notifications for every alert that will offer detailed key information about ‘suspicious’ changes that have been made.
Apart from these, the tech giant is also planning to introduce “alerts for additional high-risk actions” in the future, however, the company didn’t provide any detailed information about the actions that will be included in the list, the report suggests.
Google has also detailed that this notification system will be activated for admins by default and it “cannot be turned off”. However, end-users might not get affected by this change at all.
Why only admin accounts
The report claims that cybercriminals are highly interested in admin accounts as these are the ones that allow attackers to freely access the entire “target infrastructure and endpoints.” If bad actors get hold of an organisation’s admin account(s) it will allow them to make any amount of changes throughout the entire environment.