As an administrator, you can set up company-owned and personal Microsoft Windows devices to use Google’s single-sign on (SSO) access security, push Windows settings, and wipe device data remotely. Enhanced desktop security for Windows has two complementary features that can be set up together or individually.
- Google Credential Provider for Windows (GCPW)—Use Google Account authentication on Windows 10 devices.
- Windows device management—Manage Windows settings on enrolled devices.
- Setup procedures
- More resources for admins
- Help for GCPW users
- GCPW is available with all G Suite and Cloud Identity editions. However, to deploy GCPW and Windows device management together, you must have G Suite Enterprise, G Suite Enterprise for Education, or Cloud Identity Premium.
- Windows device management is available with G Suite Enterprise, G Suite Enterprise for Education, or Cloud Identity Premium.
- Windows 10 Pro, Pro for Workstations, Enterprise, or Education, version 1803 or later
- For GCPW, Chrome Browser 81 or later
This feature is available with all G Suite and Cloud Identity editions.
You can let users sign in to a Windows 10 device using the Google Account your organization provides. You can configure GCPW so that a user’s Google Account syncs with their Active Directory or local Windows profiles. GCPW also provides the following benefits:
- Additional security—Users get all the security benefits of their Google Account on their Windows 10 device. These features include anti-hijacking features such as 2-step verification (2SV) and login challenges.
- SSO experience—Users can access G Suite services and SSO apps in Chrome Browser without the need to re-enter their Google credentials.
- Password synchronization—Keep users’ Google passwords in sync with their Windows passwords in the Admin console or with G Suite Password Sync.
- Automatic enrollment in Windows device management—If you use GCPW and Windows device management, devices are automatically enrolled in Windows device management when the user signs in and activates GCPW.
- Perform admin actions:
To use GCPW, you need to install it on each Windows device. Learn how to set up and install GCPW.
This feature is available with G Suite Enterprise, G Suite Enterprise for Education, and Cloud Identity Premium editions.
With Windows device management, you can configure and manage enrolled devices from the Admin console.
|Setting management||Device management|
Learn how to set up Windows device management.
You can set up GCPW and Windows device management together or only the one you want to use.
Note: For company owned devices, we recommend you also add them to the company owned inventory.Set up both (recommended)
When you enable Windows device management and install GCPW on a device, the device is automatically enrolled in Windows device management.
For instructions, see Set up GCPW and Windows device management together.
Use this set up when you have a third-party EMM to manage devices and only want the Google sign-on experience.
- YouTube: How do I manage Windows 10 devices within my organization?
- Coursera: Device management modules in Introduction to Cloud Identity and Managing G Suite
- Sign in to Windows with your managed Google Account
- Manage Google work passwords on a Windows 10 device
Google, G Suite, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.