Thursday, September 3, 2020

Security groups help manage groups used for security and access control

What’s changing 

We’re making security groups available in beta. Security groups help you easily regulate, audit, and monitor groups used for permission and access control purposes. They enable admins to: 
  • Apply a label to any existing Google Group to distinguish it from email-list groups. 
  • Provide strong guarantees that: 
    • External groups (owned outside your organization) and non-security groups cannot be added as a member of a security group. 
    • Security labels, once assigned to a group, cannot be removed. 
Soon, you’ll be able to use more granular admin roles to separate administration of security and non-security groups. Keep an eye on the G Suite Updates blog for an announcement when that rolls out. 


Who’s impacted 

Admins and developers 


Why you’d use it 

Groups are used in a variety of ways. This can include groups that help teams communicate and collaborate, as well as groups that control access to important apps and resources. Security groups can help customers manage these categories of groups differently to increase their overall security posture. 

For example, if you have compliance or regulatory requirements for managing access control, you may have set up naming conventions to keep track of which groups were used for this purpose. With security groups, you can now assign a security label to these groups and more easily manage them without having to use workarounds like naming conventions. 


Getting started 

Rollout pace 

  • This feature is available now for all users in beta. 

Availability 

  • Available to all G Suite customers 

Resources