DoControl introduces security product suite for Google Workspace

DoControl released a security product suite for Google Workspace, designed to protect data, identities, configurations, and third-party connected apps.

DoControl’s SSPM provides Google Workspace customers with security capabilities that are not offered by Google’s built-in security ecosystem. Adopted by top Google Workspace customers, DoControl is the SSPM of choice for securing enterprise Google Workspace environments.

DoControl’s Google Workspace Posture Management mitigates admin misconfigurations, preventing them from becoming an organization’s Achilles’ heel. DoControl continuously monitors Google Workspace security settings, matching them to industry-leading regulatory frameworks, best practices, and standards such as CIS benchmarks. 

While Google provides a general view of potential Workspace misconfigurations, the view is often too high-level to be helpful, only detailing organizational units affected, but providing no details at the level of affected users and drives. Additionally, Google does not relate configuration issues to compliance standards nor provide remediation guidance.

With DoControl’s SSPM, all misconfiguration information is centrally accessible from one dashboard, including the misconfiguration’s definition, detection date, security domain, entities affected, impact on the organization and guided steps to remediation. Automated enforcement further streamlines and strengthens security, with policy workflows for notifications and remediation triggered upon detection of misconfiguration events.

“With the launch of our Posture Management module, DoControl has become the most complete security product suite for all Google Workspace customers, from startups to F500,” said Adam Gavish, CEO at DoControl. “We’re excited to expand our offering and provide a cohesive Google Workspace security solution that covers all of Google Workspace’s major attack surfaces: Data, Identity, Configurations, and Connected Apps.”

Google Workspace Identity Threat Detection and Response (ITDR) capabilities

DoControl’s Identity Threat Detection and Response (ITDR) is the only SSPM offering that correlates data exposure information to each identity. With DoControl ITDR, every user in the corporate Google Workspace has their own cross-SaaS identity profile, which aggregates access, activity and HR information from multiple SaaS applications to create a cohesive and trackable user identity. Identities are scored for risk and updated in near real-time based on SaaS events from Google Workspace and other corporate SaaS platforms.

When it comes to identity security, Google Workspace does offer organizations an Identity Access Management platform, including functions such as Multi-Factor Authentication (MFA), Single Sign-On (SSO) and Endpoint Management. But Identity Access Management alone cannot combat modern identity threats, which can come in the form of stolen credentials or insiders misusing their legitimate access for personal gain.

With DoControl’s SSPM, detection of identity threats is both swift and smart, leveraging historical user, department and company activity baselines and DoControl’s ML-based anomaly detection model. Deviations from normal behavior trigger security team alerts or automated remediations. DoControl enables an identity-level response to identity threats. Actions such as removing identity permissions across Google Drive assets or Google Workspace apps can be accomplished through granular automated remediations or as an on-demand remediation, at scale.

The comprehensiveness of DoControl’s platform makes it a critical tool for any organization looking to solidify their Google Workspace security. As voiced by Gartner in a recent report, both SaaS posture management and real-time detection and response elements are important components of SaaS ecosystem security.

“We use Google Workspace extensively to collaborate with customers and external providers,” says Daniel Wood, CISO of Unqork. “DoControl is essential for maintaining complete, thorough control of our Workspace asset security without disrupting our users’ workflow and productivity. It is a true business enabler.”