PRODUCT UPDATES

Get Google Unmanaged Accounts under control with Zygon

Oct 2, 2024
6 min read
Contents
Text Link

Unmanaged Google accounts created with company email addresses pose security and management risks, as they remain outside the control of organizational administrators, but claiming your domain and converting these accounts to managed ones can mitigate these threats effectively.

Potentially, you have no control over Google unmanaged accounts

Imagine your company’s email services are hosted on platforms like an on-premise Exchange server, Microsoft 365, or GoDaddy email. If an employee (tom@acme.com) needs access to Google services, they might create a personal Google account using their company email. This account could be used for activities such as managing Google Analytics, getting SaaS access via OIDC, or accessing Google Drive documents. Once the account is created, it’s linked to your company domain but remains entirely unmanaged by your organization. As an admin, you have no control over this account—meaning you cannot access its password, view activity logs, or manage it through your own email systems. Any password resets or changes made in your company’s email system will not affect this Google account In other words, these accounts are created independently by users using one of your organization’s domains. Since these accounts are personally managed by the individual who created them, they are not under the control of Cloud Identity administrators, nor do they belong to domain-verified customers.

Risks are underestimated but real

As a result, your organization has no oversight over the configuration, security, or lifecycle of these accounts. These unmanaged accounts are often called personal or consumer accounts because the user registered for Google consumer services with their company email address This situation is common, but it’s not ideal for managing your users and securing their work data. A business-related unmanaged account that uses a corporate email address present 2 main risks to your organization: Account deactivation when an employee leaves the organization: You have no control over the life cycle of an unmanaged user account. If an employee departs from the company, they could continue using the unmanaged account to access corporate resources (like Google Services or Apps they logged into while employed) or to incur corporate expenses. Social Engineering Risk: even if you revoke access to all resources, an unmanaged account can still present a risk. Since the account uses a seemingly legitimate identity with your company’s domain, a former employee might persuade current employees or business partners to grant access to resources once more—such as a sensitive Drive file or a social network. This former employee might exploit the unmanaged account to engage in activities that violate your organization’s interests.

The solution is simple and free

Step 1: claim your domain name on Google. Once you become a Google Workspace administrator, you can: Set policies for handling conflicting accounts during user provisioning (Click here for more info) Invite unmanaged users to convert their accounts to managed ones within your domain,
 Step 2:  integrate your Google Workspace with Zygon to gain visibility into all apps and accounts that were previously unmanaged. Additionally, a new identity source will be created for each user found in Google Workspace. New Apps and accounts are automatically added to  Zygon.

Kevin Smouts
Co-founder and CPO at Zygon. Kevin loves to share his views about Cybersecurity.
Need an access management security check up ?
Get your audit now

FAQ

All the questions you can have

What is a CMS?

A Content Management System (CMS) is a software application that allows users to create, manage, and modify content on a website without the need for specialized technical knowledge. It provides a user-friendly interface for managing digital content, making it accessible to a wider audience.

  • User-Friendly Interface: Most CMS platforms offer intuitive dashboards that simplify content creation and management.
  • Customization: Users can customize the look and feel of their website through themes and plugins.
  • SEO Tools: Many CMSs come with built-in SEO features to help improve website visibility.

In summary, a CMS is essential for anyone looking to establish an online presence efficiently.

How to Choose a CMS?

Ensure that the CMS can grow with your business. It should be able to handle increased traffic and content as your site expands.

By considering these factors, you can make an informed decision that aligns with your goals.

What is SEO?

Search Engine Optimization (SEO) is the practice of enhancing your website to improve its visibility on search engines like Google. The higher your site ranks, the more likely it is to attract visitors.

  • Keyword Research: Identifying the right keywords to target is essential for driving relevant traffic.
  • On-Page SEO: This involves optimizing individual pages to rank higher and earn more relevant traffic.
  • Link Building: Acquiring backlinks from reputable sites can significantly boost your site's authority.

In conclusion, effective SEO strategies can lead to increased visibility and traffic for your website.

How to Improve Website Speed?

A CDN can distribute your content across multiple servers, reducing the distance data has to travel to reach users.

By implementing these strategies, you can significantly enhance your website's performance.

What is Responsive Design?

Improved User Experience: A responsive site provides a seamless experience across devices, keeping users engaged.

SEO Advantages: Google favors mobile-friendly websites, which can improve your search rankings.

Cost-Effective: Maintaining a single responsive site is more efficient than managing separate sites for different devices.

In summary, responsive design is essential for modern web development, ensuring accessibility and usability for all users.