Context Aware Access insights and recommendations are now generally available

Qué está cambiando

We’re making it easier to apply context-aware access (CAA) policies with new insights and recommendations. We’ll proactively surface potential security gaps and suggest pre-built CAA levels which admins can deploy to remediate the security gaps. These insights will be surfaced to customers, if they have not deployed any CAA policies to their users. When you deploy a recommendation, it will first be placed in Monitor Mode, so you can understand how the policy will block user access over time, and can be reviewed in the CAA audit logs.

With this release, we’ve also added the ability for admins to customize the recommendations as they see fit before they’re applied broadly. Additionally, we’ll send primary admins an email on a quarterly basis with insights and actionable recommendations.

A quién afecta

Admins

Por qué es importante

Using Context-Aware Access, admins can set up different access levels based on a user’s identity and the context of the request (location, device security status, IP address). This can help provide granular access controls without the need for a VPN, and give users access to Google Workspace resources based on organizational policies. Insights and recommendations help admins improve the cybersecurity posture of their organization by proactively identifying areas that need attention, significantly reducing the need for admins to identify these risks themselves. For example, if we detect devices with outdated operating system versions accessing corporate Workspace data, we can surface this as an Insight & pair it with a recommendation to block such devices from accessing Workspace data with a few clicks.