Security Enhanced for G Suite Login

Email has completely become a major part of through what our communities and companies communicate in the 21st century, it’s important to know why there is a need for email security for every company who are using a Corporate Email Service.

 

Email security is incredibly important to any user on network because not only does it affect the user, but if the user falls victim to a hacker it can also affect everyone else in the organization. whether that’s losing confidential data, losing deals from the competitor organization, losing your job, being audited, identity theft, or even the closing of the company.

 

When we refer to email security this brings up a huge scope of technologies that are used to limit what exposure exists in an organization to attacks and malware. These include Spam & Virus filters, Email Encryption, Email Archiving… and the list goes on. However, these technologies are not the only one who are responsible for security threats, as the users who are using these Email Accounts, are also responsible for this Because they are the weakest part of the network. If an unauthorised person tries to sign in into one’s account, there are several ways through which Google can identify it and limit it.

 

It is like that whenever Google suspects anyone while signing in, like as he/she has provided the wrong credentials, then it wants to verify their identity.

Earlier Google use to text or call the user's recovery phone or email their recovery account with a verification code, asking the user to enter this code before it grants entry to their account.

 

There is one more way through which Google use to do the verification. It is known as Two-Step-Verification. It is beneficial in the case if the attacker has your credentials like username and password, by enabling this , he/she can’t have access to your account until and unless they provide the user’s additional information. This additional information can be in the form of codes which only the user can obtain via their own registered mobile phone, or via an encrypted signature contained on a security key. It can be implemented both from the admin level and the user level.

 

Recently Google has made an additional security enhancement for G Suite login by adding a new login challenge. As an administrator, one can choose to use the employee IDs of their users as an additional login challenge that you can turn on or off.

 

Before enabling this feature one must store the Employee IDs in user’s account attributes.

This can be done by any of the following ways:-

 

1. Update the employee IDs directly in the user profile from the Google Admin console.

Users -> username -> user information.

 

2. Use Google Cloud Directory Sync to export employee IDs from Microsoft® Active Directory® or your directory server to your Google organizational unit.

3. Use the Admin SDK Directory API to populate the externalIds[].type: organization field with employee IDs.

• 4. Use the CSV upload functionality in the Google Admin console.

 

The steps for enabling the Employee ID Login challenge are listed below :

 

1. Switch to the admin console of the administrator account.

 

2. From the Admin console Home page, go to Security->Login challenges.

 

 

 

3. Select the Use employee ID to keep my users more secure box.

And click on save.

In this way, you can enable the new Employee ID Login challenge.

 

After enabling this feature, whenever a user will try to sign in he will be asked to provide his Employee ID.

 

In this way, the organization is getting an added security for their Email accounts.

 

Moreover, it is also ready to handle any exceptions.

 

If in some case, any user has forgotten his Employee ID, or is not able to provide verification code due to weak phone signal, then he/she can be allowed to sign in by the administrator only. For doing so the below steps should be followed:

 

1. Sign in to the Google Admin console.

2. Find the user account.

3 . Click the row for the user account to display the user information page.

4. Click Security.

5. Click Login challenge.

6. Click Turn Off For 10 Minutes.

 

The login challenges will be off for 10 minutes to allow the user to sign in.