Google offers domain admins a host of built-in security monitoring tools, provided you know where to look for them. In Backupify’s latest eBook “3 Brilliant Hacks for Google Apps Admins” we address some important tricks of the trade for the enterprise-grade domain admin looking to ensure their Google Apps users are safe and secure. Below we take a look at how admins can stay ahead of security issues with user activity alerts and reports.
There are many Google Apps account activity alerts that warn of specific behaviors occurring within a domain. Each alert will fire a warning if a specific high-risk activity is undertaken on a domain—for example, a user is suddenly granted admin privileges or domain-wide mobile device access setting are changed.
In particular, there are two alerts to which every admin should subscribe: the suspicious login activity alert and the Google Apps status alert. The former warns of a domain user logged in from an unknown location, an incorrect password entered several times in a row, or any other impressions of compromised login credentials. The latter alerts admins of new information posted to the Google Apps Status Dashboard regarding an outage of the service.
Account activity alerts help admins quickly react to any unexpected, unintended or unwelcome changes to a Google Apps domain. Proactive domain admins can turn to Google Apps usage and security reports. While each of the four key reports is useful, the master Google Apps Account Activity Report is the most comprehensive of the quartet. It shows who does and does not employ 2-step verification for their GApps account. It shows how indiscriminately they share files within and outside of the Google Apps domain. It also shows how much and how often each user sends and receives email messages. Large or unexpected spikes in these types of activities are warning signs of possible security breaches, so running the Google Apps Account Activity Report should be a regular part of every domain administrator’s weekly routine.
As mentioned previously, Google actively monitors any email sent to the postmaster@ or abuse@ addresses on any Google Apps domain—yours included. If someone is complaining that a domain is sending out spam messages, this is where those complaints are sent. The good news is that you can subscribe to these groups on your own domain, so if an outsider accuses one your users of being a spammer, you’ll be copied on the complaint and can take action before Google steps in to suspend your user or - worse - suspends your whole domain.
Are you a hardcore Google Apps admin? Grab more hacks like this one in our eBook, “3 Brilliant Hacks for Google Apps Admins”