G Suite is Google’s business productivity suite that includes business email, cloud storage, and collaboration tools. If you manage your employees in Google, then this integration will be perfect for keeping track of all your people assets.
Up-to-date asset inventory
By syncing with G Suite, you'll keep your "People" and "Groups" up-to-date in Comply. Tickets can automatically trigger whenever there are new assets detected - for example, Comply can automatically trigger your Employee Onboarding procedure whenever a new person is detected in G Suite, or your Employee Offboarding procedure whenever a person is deprovisioned.
Automatic 2FA evidence
Every month, Comply will scan your G Suite users to ensure that 2FA is enabled and produce evidence to use in an audit. Read more about events and automations here and details on the specific events associated with this integration are listed below.
We use Google's robust permissions system to ask for only the read-only access we need. You can review each permission we request during the install process.
Ensures account has multi-factor authentication enabled (i.e., if there is an
Comply creates an issue if MFA policy is disabled or if there is an unknown MFA policy (i.e., if there is an
ISO: A.9.3.1, A.9.4.2,
G Suite provides
MFA Policy Scan events. The event will either be tagged
MFA Policy Enabled or
MFA Policy Disabled.
The out of the box automations that are created by this integration will generate healthy evidence for 'MFA Policy Enabled` and Needs Attention evidence for 'MFA Policy Disabled'. You can customize this behavior by editing the automations, including triggering tickets for followup work (e.g. investigating any Account found not to have enabled 2FA (and recording the exception where appropriate).
- Login to an admin account for your Google organization.
- Click the Authorize link in Comply to be taken through the Google login process.
The most common problems when setting up the integration are:
- Not being logged into a GSuite admin account.
- GSuite account only allows whitelisted applications. If you receive a whitelist error, you can add the following Client ID to your whitelist:
If you receive an error message when trying to sync your integration, please check the above items and contact [email protected] if the problem persists.
Updated about a month ago