This message is especially intended to reach all Google Admins and Super Admins<.p>
Here are a few access control and security features we recommend to keep your Google Admin account secure:
Google recommend that everyone in your business use 2-Step Verification (2SV), but it's especially important for admins and users who work with sensitive data such as financial records and employee information. If someone steals a password, 2SV can prevent them from accessing your account.
With 2SV, users need to verify their identity through something they know (their password) plus something they have (such as a physical key or access code). You should enforce 2SV for admins and key users, where possible with a FIDO compliant security key.
Protect your business with 2-Step Verification | Deploy 2-Step Verification
A business should have more than one super admin account, each managed by a different person. If your primary super admin account is lost or compromised, the backup super admin can perform critical tasks while the primary account is recovered. You can create another super admin by assigning the super admin role to another user.
Assign administrator roles to a user Super admins shouldn't remain signed in to their account
Super admins should sign in as needed to do specific tasks and then sign out. Staying signed in to a super admin account when not performing specific administrative tasks can increase exposure to malicious activity.
Daily administrative tasks should be done using an account with limited admin roles.
Pre-built administrator roles | Security best practices for administrator accounts
To learn more about security best practices for your Google account, review our security checklists as provided for from your Admin notification Email.
This is a notification to such users that - You're receiving this mandatory email service announcement to update you about important changes to your Google account. This message has been sent to all user admins to inform them of access controls and security best practices.