Security best practices

To help keep your organization's data safe and secure, we recommend taking the following steps to reinforce and monitor the security of your Google for Work account:

  • Set up 2-step verification
    Reinforce password security by requiring that users enter an additional code from their phones when signing in to their Google for Work account. This can greatly reduce the risk of unauthorized access if a user's password is compromised.
  • Reduce risk of email spoofing
    Spammers can forge, or "spoof," your domain's From address to make their spam look like it came from someone in your domain. To help prevent this type of abuse, we recommend three anti-spoofing measures that can authenticate mail sent from your domain.
  • View security settings and revoke access
    Manage users' security settings to enforce 2-step verification and password strength, and to revoke any application-specific passwords that have been granted access to the user's account.
  • View user behavior reports
    Use your Google Admin console to monitor the use of 2-step verification and other security measures in your organization.
Was this article helpful?
Sign in to your account

Get account-specific help by signing in with your Apps for Work account email address, or learn how to get started with Apps for Work.