Use the following Google Admin features to monitor and augment your organization's security:

• Configure 2-step verification to force users to enter a separate code from their phones to access Google Apps. This helps prevent unauthorized access if passwords are compromised. Also see Enforcement of 2-step verification for instructions on requiring 2-step verification on an organizational or group basis.
• See Checking security settings and revoking access for instructions to control 2-step authentication, set acceptable password strength, and revoke application-specific passwords and services that have been granted access to the user's Google account.
• Additional reports provide details about 2-step verification use and other security aspects.