Security best practices
To help keep your organization's data safe and secure, we recommend taking the following steps to reinforce and monitor the security of your Google for Work account:
- Set up 2-step verification
Reinforce password security by requiring that users enter an additional code from their phones when signing in to their Google for Work account. This can greatly reduce the risk of unauthorized access if a user's password is compromised.
- Reduce risk of email spoofing
Spammers can forge, or "spoof," your domain's From address to make their spam look like it came from someone in your domain. To help prevent this type of abuse, we recommend three anti-spoofing measures that can authenticate mail sent from your domain.
- View security settings and revoke access
Manage users' security settings to enforce 2-step verification and password strength, and to revoke any application-specific passwords that have been granted access to the user's account.
- View user behavior reports
Use your Google Admin console to monitor the use of 2-step verification and other security measures in your organization.