Security best practices

To help keep your organization's data safe and secure, we recommend taking the following steps to reinforce and monitor the security of your Google enterprise account:

  • Set up 2-step verification
    Reinforce password security by requiring that users enter an additional code from their phones when signing in to their Google enterprise account. This can greatly reduce the risk of unauthorized access if a user's password is compromised.
  • Reduce risk of email spoofing
    Spammers can forge, or "spoof," your domain's From address to make their spam look like it came from someone in your domain. To help prevent this type of abuse, we recommend three anti-spoofing measures that can authenticate mail sent from your domain.
  • View security settings and revoke access
    Manage users' security settings to enforce 2-step verification and password strength, and to revoke any application-specific passwords that have been granted access to the user's account.
  • View user behavior reports
    Use your Google Admin console to monitor the use of 2-step verification and other security measures in your organization.