Google Admin
The Google Admin integration detects a variety of data loss prevention, account misconfiguration, and user security risks in an integrated Google Workspace account that could leave you and your organization vulnerable.
Integration prerequisites
- A Google Workspace account with a Business Starter, Business Standard, Business Plus or Enterprise plan
- A Google Workspace user with Super Admin privileges and Owner permissions in the Google Cloud Platform (GCP) project used
Integration permissions
Refer to Google Workspace integration permissions for information on which API permissions to enable.
Security findings
The Google Admin integration currently scans for the following findings, or security risks. Findings are grouped by category and then ordered by severity level.
To stay up-to-date with new CASB findings as they are added, bookmark this page or subscribe to its RSS feed.
User account settings
| Finding | Severity | Description |
|---|---|---|
| Google Workspace Admin User 2FA Disabled | Critical | An administrator in Google Workspace does not have two-factor authentication enabled. |
| Google Workspace User 2FA Disabled | High | A user in Google Workspace does not have two-factor authentication enabled. |
| Google Workspace User without Recovery Email | Low | A user in Google Workspace does not have a recovery email set. |
| Google Workspace User without Recovery Phone | Low | A user in Google Workspace does not have a recovery phone number set. |
Inactive or suspended users
| Finding | Severity | Description |
|---|---|---|
| Google Workspace Admin User Inactive | Medium | An administrator account in Google Workspace has not logged in for 30 days. |
| Google Workspace Admin User Suspended | Medium | An administrator account in Google Workspace is suspended. |
| Google Workspace User Inactive | Low | A user account in Google Workspace has not logged in for 30 days. |
| Google Workspace User Suspended | Low | A user account in Google Workspace is suspended. |
Third-party apps
| Finding | Severity | Description |
|---|---|---|
| Installed 3rd Party App with Drive Access | High | A third-party application has been granted permissions to a user’s Google Drive. |
| Installed 3rd Party App with Gmail Access | High | A third-party application has been granted permissions to a user’s Gmail. |
| Installed 3rd Party App with Google Docs Access | Medium | A third-party application has been granted permissions to a user’s Google Documents. |
| Installed 3rd Party App with Google Slides Access | Medium | A third-party application has been granted permissions to a user’s Google Slides. |
| Installed 3rd Party App with Google Sheets Access | Medium | A third-party application has been granted permissions to a user’s Google Sheets. |
| Installed 3rd Party App with Google Sign In Access | Low | A user has used their Google Workspace account to sign up for a third party service. |