As an administrator, you can use security groups to control access to sensitive information and resources. You can create a new group or update an existing group to a security group.
Adding the Security label to a group makes it a security group. This action is permanent and adds security features, but doesn’t remove any other features of the original group. Groups with the Security label are easily sorted in the Google Admin console.
When to use security groups
Use security groups when you want to:
- Prevent external or non-security groups from joining a certain group—Only a security group in the same organization can join another security group.
- Ensure that groups only include members allowed by the parent—A group joining a security group must have the same or more restrictive membership permissions.
- Apply security policies to a group—We recommend making any group that you apply policies to a security group.
- Disable the option to automatically add all of your organization's users to a group—Security group membership is limited to the users, service accounts, and security groups that you permit.
Create a security group
To create a security group, follow the steps to create a group and check the Security box. For the steps, go to Step 1: Create a group.
Make an existing group a security group
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu
Directory
Groups.
-
Click on the group name
Group Information
Labels.
-
Check the Security box.
-
Click Save.