Restrict Suspicious Login Attempts in G Suite
As an Admin you can check which login attempts are suspicious. This feature helps the organisation to secure all data from hackers.
With the objective to safeguard enterprise data, one of our customers wanted to check suspicious login in G Suite account. So I have suggested how to check suspicious login Report in G Suite Admin console panel.
The suspicious device activities report empowers the authority to view details of suspicious activities on your corporate devices during a specified time range. Only those devices which are under advanced management are included in this report.
You can use device IDs, device owners, and the timestamps of the suspicious device activities by these reports.
If a device property is updated on a mobile device management, this change is declared as a suspicious activity. Device properties include the serial number, the device model, the name of the operating system, and more.
Here is the step by step procedure to check suspicious login in Google Admin Console:
Use an Admin Account by the URL admin.google.com
Then log in your Admin Account with users id and password
Admin console Dashboard > Reports
Audit > Login > Click on Login
Add Filter > You can choose the options as per your need
Select Event Name > Search for Suspicious Login
You can add more filters by User Name, Affected email address, IP Address, Login Type.
This feature helps the organisation to secure all data from hackers. As an admin, you can identify spikes in the amount of failed logins, check which login attempts are suspicious and you can also block those IP addresses to secure your company's data. You can also view statistics about the challenge methods that have been used by the hacker.
This report is available for the following Editions: G Suite Enterprise, Drive Enterprise, and Cloud Identity Premium.