Why Google Workspace Security Settings Are Important

Information leaks due to unauthorized access to cloud services are increasing year by year, and small and medium-sized businesses are increasingly becoming targets. Google Workspace is equipped with many security features, but many are not enabled by default. This article explains the key settings that should be configured, including the latest AI security features added in 2025-2026.

1. Enforcing 2-Step Verification (MFA) Across the Organization

This is the most important security measure. Enforce it for all users from the Admin console → "Security" → "2-Step Verification".

  • Recommended method: Google Authenticator app (TOTP) or security key (e.g., YubiKey)
  • Administrator accounts: Always use a security key (highest level of protection)
  • Enforcement deadline: Allow a one-week grace period from the setting change and inform everyone

2. Suspicious Email Countermeasures (SPF/DKIM/DMARC)

You can prevent email spoofing by adding the following settings to your DNS:

  • SPF: Specify allowed sending servers in DNS TXT records
  • DKIM: Prove email authenticity with a digital signature for the sending domain
  • DMARC: Reject or quarantine spoofed emails based on SPF/DKIM verification results

You can configure this in the Admin console → "Gmail" → "Spam, phishing, and malware". Start with a DMARC policy of p=none (monitoring only), and if there are no issues, gradually strengthen it to p=quarantine and then p=reject.
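The staged rollout described above can be checked against the TXT records you publish. The following is an added example (not from the original article or from Google) that audits SPF and DMARC record strings offline; the example.com records and report mailbox are constructed samples, and the function names are hypothetical.

```python
def parse_tags(record):
    """Split 'v=DMARC1; p=none; ...' into a {tag: value} dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_dmarc(record):
    """Return (rollout_stage, findings) for one DMARC TXT record."""
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        return "invalid", ["missing v=DMARC1 version tag"]
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid", ["missing or unknown p= policy"]
    findings = []
    if policy == "none":
        findings.append("monitoring only: spoofed mail is still delivered")
    if "rua" not in tags:
        findings.append("no rua= address: no aggregate reports to review")
    pct = tags.get("pct", "100")
    if policy != "none" and pct.isdigit() and int(pct) < 100:
        findings.append(f"policy applies to only {pct}% of failing mail")
    return policy, findings

def audit_spf(record):
    """Return findings for one SPF TXT record (empty list: no issue found)."""
    terms = record.lower().split()
    if not terms or terms[0] != "v=spf1":
        return ["record does not start with v=spf1"]
    last = terms[-1]
    if last.startswith("redirect="):
        return []  # policy is delegated to another record
    if last in ("+all", "all", "?all"):
        return [f"ends in {last}: unauthorised senders are not failed"]
    if last not in ("-all", "~all"):
        return ["no terminating all mechanism"]
    return []

# Constructed sample records for the placeholder domain example.com
SAMPLE_SPF = "v=spf1 include:_spf.google.com ~all"
SAMPLE_DMARC = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"

if __name__ == "__main__":
    print("SPF:", audit_spf(SAMPLE_SPF) or "ok")
    print("DMARC:", audit_dmarc(SAMPLE_DMARC))
```

A record that returns the stage "none" is still in the monitoring phase; the findings list shows what remains before moving to the next stage.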

3. Restricting External Sharing

You can restrict external sharing by organizational policy from the Admin console → "Drive and Docs" → "Sharing settings".

  • Set folders containing confidential information to "Organization only"
  • If external sharing is required, make it "Approval-based" for administrator review
  • Also confirm the impact of the September 2025 specification change, which abolished exception settings for individual files within folders

4. Enabling Advanced Phishing Protection

In Gmail settings, under "Enhanced protection against spam and phishing," you can improve the automatic detection accuracy for suspicious emails. Specifically, enable the following settings:

  • Quarantine unusual attachments
  • Spoofing and authentication checks
  • Flagging impersonation by external senders

5. Added October 2025: AI-Powered Ransomware Detection

AI-powered ransomware detection was added to Google Drive in October 2025.

  • AI detects ransomware spread patterns in real-time
  • Sends alerts to administrators if an infection is suspected
  • Assists with file recovery to a pre-infection state
  • Status can be checked from the "Security center" in the Admin console

6. Regular Review of the Security Center

In the Admin console → "Security" → "Security center," your organization's security status is displayed in a dashboard.

  • Improvement recommendations are automatically displayed for high-risk settings
  • Review suspicious logins and access from abroad in chronological order
  • Detect abnormal behavior such as large file downloads

Make a monthly review an operational rule.

7. Endpoint Management (Mobile Device Management)

You can manage access from smartphones from "Devices" → "Mobile device management".

  • Remote wipe in case of loss or theft
  • Selective wipe to erase company data only
  • Enforce password and encryption on devices

8. Removing Unnecessary Third-Party Apps

You can check third-party apps integrated with Google Workspace from the Admin console → "Security" → "API controls". Regularly remove unused apps to reduce attack vectors.

January 2026: Responding to POP3 Deprecation

As of January 2026, the feature for receiving emails from other accounts via POP3 in the Gmail web client has been deprecated. Identify users who were using this setting through the Admin console's audit log and guide them on how to address it.

Security Checklist

  • ✅ Enforce 2-Step Verification for all users (security keys mandatory for administrators)
  • ✅ SPF, DKIM, and DMARC configured
  • ✅ External sharing restricted to the bare minimum
  • ✅ AI ransomware detection enabled
  • ✅ Security center reviewed monthly
  • ✅ Offboarded accounts promptly deleted
  • ✅ Unused third-party apps removed
  • ✅ POP3 deprecation impact checked and addressed

Summary

Security measures are not "set it and forget it"; regular review is necessary. Google continuously enhances security features, such as the AI ransomware detection in October 2025. Start by enforcing 2-Step Verification company-wide and instill the habit of reviewing the Security Center once a month across the entire organization.
