Pre-built administrator roles | Security best practices for administrator accountsĮnable auto update for apps and Internet browsers Super admins should sign in as needed to do specific tasks and then sign out. For daily administrative tasks, use an account with limited admin roles. Staying signed in to a super admin account when you aren’t performing specific administrative tasks can increase exposure to potential malicious activity. ![]() Super admins can manage every aspect of your company’s account, and can access all business and employee data. Super admins shouldn’t remain signed in to their account Security best practices for administrator accounts You should keep account information and DNS credentials in a secure place in case they’re needed. The admin also needs to verify DNS ownership of the domain. To verify identity, Google asks questions about the organization’s account. If a super admin can’t reset their password using email or phone recovery options, and another super admin isn’t available to reset the password, they can contact Google Support. Keep information on hand for super admin password reset You create another super admin by assigning the super admin role to another user. If your primary super admin account is lost or compromised, the backup super admin can perform critical tasks while the primary account is recovered. ![]() Admins and users with 2SV turned on should generate and print backup codes and keep them in a secure location.Ī business should have more than one super administrator account, each managed by a separate person. In a case like this, they can use a backup code for 2SV. Examples are a user who receives 2SV verification codes on their phone and loses their phone, or a user who loses their security key. If your business enforces 2SV and a user or admin loses access to their 2SV method, they won’t be able to sign in to their account. To do that, Google needs a recovery phone number and email address for the account.Īdd recovery options to your administrator account If your admin forgets their password, they can click the Need help? link on the sign-in page and Google will send a new password via phone, text, or email. Protect your business with 2-Step Verification | Deploy 2-Step verificationĪdmins should add recovery information to their account You should enforce 2SV for admins and key users. We recommend that everyone in your business use 2SV, but it’s especially important for admins and users who work with sensitive data such as financial records and employee information. ![]() If someone manages to steal your password, 2-step verification (2SV) can prevent them from accessing your account.ĢSV requires users to verify their identity through something they know (such as a password) plus something they have (such as a physical key or access code) to gain access. Require admins and key users to give extra proof of who they are For example, think of a long sentence and use the first letter of each word as your password.Īlso discourage password reuse across different accounts, such as email and online banking.Ĭreate a strong password & a more secure account A good password is the first line of defense to protect user and admin accounts.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |