Skip to main content
TDX, the developer conference for the AI agent era is happening now. Watch live on Salesforce+ for exclusive digital content, a revolutionary keynote, and more.

Explore Google Workspace Security Tools

Learning Objectives

After completing this unit, you’ll be able to:

  • Use the alert center to identify, triage, and act on security and privacy issues.
  • Report on account activity.

In the previous module, you saw how an administrator can set up email alerts from the Rules area in the admin console. You saw that Google Workspace has a set of predefined rules. Some of these predefined rules, when triggered, log events to the Google Workspace alert center. As the admin, you use the alert center to view notifications about potential issues within your domain, and act to resolve the issues and protect your organization from security threats. You can view a list of alerts, and then click any item in the list to view details about those alerts.

Editions of Google Workspace that include the Security Center also enable you to start an investigation from the alert center by linking directly to the security investigation tool. Using the investigation tool, you can then make adjustments to your admin console security settings if needed, or take other actions in response to the alert.

As you have a new domain, it’s unlikely that there'll be any alerts in your alert center, but in this exercise you learn how to navigate to the alert center and locate and identify rules that add alerts to the center.

  1. Sign in to your domain as the administrator at admin.google.com.
  2. From the menu, click the Security icon.
  3. Then click Alert center. It's unlikely that you have any alerts listed. To see what an alert looks like, in the screenshot, there's an example of an account suspension alert. Key details include the severity, status, and key details like date, the user impacted, IP address, and any history.
    User suspended record, with information including severity, status, summary, date, user impacted and IP address from which the login was detected.
  4. From the Alert center page, click Manage alerts and email notifications. This takes you to the list of rules.
  5. Review the Alerts column. From here you can see which rules are logging events to the alert center. Note that not all rules will log to the alert center.
  6. Locate and click the Leaked password rule.
    Then, click the Actions card. Note that this rule can log to the alert center.
  7. Return to the rules list, locate, and click the TLS failure rule.
  8. Then click the Actions card.

Manage User Activity Reports

As an administrator you can monitor your users' account settings and exposure to security risks by opening the accounts activity report.

The accounts activity report gives you a consolidated view of user status and account activity, where you can access all data from the user account status, admin status, and 2-step verification enrollment reports.

See Account activity user reports and the Security checklist for medium and large businesses to learn more about security best practices. In this exercise, you view and customize an accounts activity report for your organization. Note, though, that because you just set up your domain, there'll be limited data or no data available to view in your report.

  1. Sign in to your domain as the administrator at admin.google.com.
  2. Click the Reports icon.
  3. Navigate to Reporting | User reports | Accounts.
  4. Click the Manage columns gear icon.
  5. Choose which columns you want to display. You can filter by date, OU, group, and column data.
  6. Explore the filters and once you have selected the information that you want to see in the report, use the download icon on the top right of the page to either download the report or export it to a Google Sheet.

In an earlier exercise, you enrolled one of your users into 2SV. As mentioned previously, it can take up to 48 hours for these reports to reflect changes made, so if you check the status in the report for that user and it shows them as not being enrolled, this is normal.

Dive Into Security Center

Security Center brings together security best practices, analytics, and insights that can help you enhance security for your organization. The following video explores the security center, which can be found in the Google Workspace admin console.

Sum It Up

In this module, you explored security for Google Workspace in depth. From common account security settings, 2-step verification, and single sign-on, to built-in application security and the admin SDK API. Security and trust are high priorities and you recognize you must maintain them, rather than treating them as a “set it, and forget it” activity. Great job!

Share your Trailhead feedback over on Salesforce Help.

We'd love to hear about your experience with Trailhead - you can now access the new feedback form anytime from the Salesforce Help site.

Learn More Continue to Share Feedback