Supported editions for this feature: Enterprise; Education Plus. Compare your edition
Some features in the security center—for example, data related to Gmail and Drive—are not available with Cloud Identity Premium.
Super Admins have automatic access to all security center features, including the security dashboard, the security health page, and the investigation tool. You can give delegated admins access to a specific security center feature (for example, just the security dashboard) by granting them the administrator privileges needed to access that feature.
For general instructions about granting privileges to delegated admins, see Create, edit, and delete custom administrator roles.
Grant security center privileges to an admin
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
From the Admin console Home page, go to Admin roles.
- Point to a custom administrator role.
Tip: If you need to create a new admin role, see Create a custom role. - Click View privileges.
- Click Open privileges.
- Check the privileges for the security center area you want to grant access to (see table below).
-
Click Save.
Security center privileges
Security area | Privilege required |
---|---|
Security page |
Security To open the Security page, click the Security icon on the Admin console home page, or click Security in the main menu at the top-left corner. |
Security dashboard |
Services Note: Some admins with Reports privilege may have access to the security dashboard. For the security center, the new Dashboards privilege has replaced the Reports privilege. (The Reports privilege for non-security-center reports in the Google Admin console will not be changed.) |
Security health |
|
Investigation tool |
Services For more information see Admin privileges for the investigation tool. |
Settings reference for the security health page
Super Admins automatically have access to all security health settings. For other admins, they need super admins to grant them the additional privileges listed below for each setting (or group of settings). If an admin doesn't have the required privileges for specific settings, those settings won't appear on the security health page.
Note: The security health settings for two-step verification for users, security key enforcement for users, and groups creation and management, are only visible to super admins and can't be delegated.
Security health setting | Privileges required |
---|---|
Supported edition: Enterprise |
Gmail |
Supported editions: Enterprise |
Only available for Super Admin accounts. |
Supported edition: Enterprise |
Services Note: Assigning the Service Settings privilege automatically checks the Settings box for Gmail, Drive, and Calendar as well. All the Gmail, Drive and Calendar security health settings are visible to an admin who is assigned the Service Settings privilege. |
Supported edition: Enterprise |
Services |
Supported editions: Enterprise and Essentials |
Services |
Supported editions: Enterprise, Essentials, Cloud Identity Premium |
Services |
Supported editions: Enterprise, Essentials, Cloud Identity Premium |
Only available for Super Admin accounts. |