Google this week announced a new Google Workspace capability meant to prevent unauthorized sensitive changes to user accounts.
Formerly called G Suite, Google Workspace provides enterprise users with secure collaboration and productivity tools.
With the new feature in place, Google will evaluate a user’s current session and present them with a ‘verify-it’s-you’ prompt if the session is deemed risky.
According to Google, the capability will prevent an attacker who has gained access to an account from making any changes that could impact the account owner and the organization the account belongs to.
“Through a second and trusted factor, such as a 2-step verification code, users can confirm the validity of the action,” Google notes.
Thus, if a threat actor has gained access to an account, their actions will be blocked until the account owner can verify that any attempted changes are intentional.
“This added layer of security helps to intercept bad actors who have gained access to a user’s account, further protecting their data and your organization’s sensitive information. Additionally, these challenge attempts will be logged as an audit event allowing for further admin investigation,” the company says.
For the time being, the feature only supports users who have Google as their identity provider and can only prevent unauthorized actions within Google products. It does not support SAML users at the moment.
The use of security challenges requires that users have added a recovery phone or email address to their accounts and that administrators have added employee IDs to their user accounts.
The ‘verify-it’s-you challenge’ can be turned off for ten minutes from the admin console , to help users who are stuck behind the verification prompt.
“We strongly recommend only using this option if contact with the user is credibly established, such as via a video call,” Google notes.
The new capability is now available to all Google Workspace customers, legacy G Suite Basic and Business customers included.