Google means easy in the eyes of most people in this day and age. Thanks to SSO for revolutionizing the space of forgetting passwords, changing them, and forgetting them again.
In this blog, let’s look at Google Workspace and how Zluri transforms how you look at GW automation.
Google Workspace is an extension of Google's popular free apps like Google Calendar, Google Docs, Google Sheets, etc. It has a massive user base, with over 2 billion active users worldwide.
It is a user-friendly cloud-based business productivity tool designed to improve teamwork and efficiency. For instance, when working on a group project with the engineering and tech team, Google Docs allows real-time collaboration, enabling team members to collaborate and make simultaneous changes.
It offers organizations access to the same apps on a custom domain with enhanced security and administrative control. It enables organizations to manage and monitor users, apps, and activities while ensuring secure data exchange and compliance with regulations.
Onboarding might be the first step of the process but then comes complicated everyday administrative processes that are hard to automate. Say, when an employee moves within the organization, how would you deprovision all the old role-associated access and enable access with respect to the new role? It is all manually done.
Google Groups: Create, manage, and remove users from groups automatically via workflows.Roles & permissions: Define policy-based workflows to modify user roles & permissions and associated accessibility to applications.
It is essential to keep one thing in mind: Automating workflows saves much time on manual administration. Once all the workflows are set, you have to run those on employees with respect to their roles.
Bucketing users to groups and enabling access is one thing, but to what level a user’s permission is can’t be defined individually, and this is where predefined workflows come into play.
In any small organization, onboarding and offboarding users is not a big deal and can be done manually, but when you are required to onboard/offboard hundreds of employees daily, it turns out to be a hassle.
On top of this, how do you ensure the employee’s data is accessible even when they move out of the organization? And be up to date on the conversations associated with any offboarded employee.
Zero-touch on/offboarding: Create and delete GWS users by setting up automated workflows for Joiners, Movers, and Leavers.
In the case of onboarding, based on an employee’s role and other parameters specific to organizations, the employee will be onboarded with prebuilt playbooks. This consists of creating/adding to groups and assignments, enabling access to birthright applications, and more.
On the other hand, when a user is offboarded, they need to be completely deprovisioned off their accessibility to applications. You can create playbooks based on roles that can be run for employees as and when they leave the organization to overcome patchy offboarding.
If you’d like to avoid patchy offboarding, here’s a complete offboarding checklist: https://www.zluri.com/blog/secure-it-offboarding-checklist/
How efficiently can you manage data from movers and keep a constant log of conversations associated with the user? More often than not, you tend to miss out on key resources owned by a mover, and you won’t be able to access them once their account is deleted.
In another case, a certain employee might have breached security policies, and their MFA has to be disabled. Identifying the problem is the initial step, followed by action on it, which consumes a lot of time and could turn out to be too late to be acted upon.
Transfer data and email forwarding: Ensure files and folders are securely re-assigned from leavers, and their future emails are forwarded to the assignee.Security actions: Enable/disable MFA and restrict IP addresses based on triggers.
Every user will have a bunch of data associated with/owned by them. In cases where they move out of the organization, you can forward emails and transfer data from the mover to not lose out on vital resources.
In addition, workflows can be set up to be automated based on a certain trigger. For example, if an employee violates a particular security policy, the trigger can be set up so that the employee’s MFA is disabled automatically. This ultimately serves promptness and automates a lot of manual tasks.
Here are a few of the security actions you can enable: Sign Out a User from All Sessions and devices, Delete all user devices, delete a Chrome browser device, update the Chrome browser user, and Issue a command on a Chrome OS device.
Failing to deprovision licenses from movers and leavers will result in spending a lot on unused licenses. On the other hand, there might be instances where an employee is supposed to use an application to its full potential, but how do you evaluate it and make insight-led decisions?
Central visibility: Manage all contracts & licenses from one dashboard.Auto-reclaim licenses: Remove and re-assign unused, inactive GWS licenses.Reconcile True-ups: Keep track of new licenses being procured and their spending.
As you can see in the above image, 76 users are marked inactive in SSO, but their GWS license is still not deprovisioned. This means you are spending on 75 unused licenses.
In every business, there’ll be a lot of true-ups and true-downs of licenses frequently. But with a platform like Zluri, you get complete insights into how many licenses are availed, how many are used to their full potential, and how many aren’t deprovisioned. These exhaustive insights help you make insight-led decisions.
Additionally, the one dashboard visibility into licenses helps you keep track of licenses being procured across any department in real time.
Tackle all the problems caused by decentralized, ad hoc SaaS adoption and usage on just one platform.