Protect Google Workspace (G-Suite)

AuthN by IDEE Integration: Google Workspace

Protect Everything

Google Workspace (G-Suite) is one of the most widely used cloud-based collaboration suites for business. It's where an organization will go to meet, create, & collaborate, and it must be protected. AuthN by IDEE integrates with Google Workspace harmoniously, to provide an extra layer of bullet-proof security, so tough it will eliminate all credential phishing and password-based attacks (including Adversary in the Middle AiTM). And so elegant, users will barely notice!

Request a demo
Glass-walled office with the Google Workspace logo prominently displayed, illustrating AuthN by IDEE's integration with Google Workspace (G-Suite) to provide advanced security for cloud-based collaboration suites.

Login You’ll Barely Notice

With AuthN same-device MFA, your new login and authentication flow is smoother than Sean Connery’s James Bond! In fact, it is so discrete, that you’ll barely notice it.

1.

Users still visit the same URL, but they will be redirected to AuthN for login.

2.

Then they are asked to unlock their device (however they usually do this, such as facial recognition, PIN, Windows Hello, Touch ID, or whatever it might be)!

3.

As soon as the user has unlocked his or her device, they have authenticated and logged in.

Simple Integration in
Just a Few Steps

The great news is, it only takes a short time to set up your Google Workspace integration to keep your suite secured and 100% phish-proof right away. Google Workspace supports both SAML-based and OIDC-based SSO protocols – and so do we! Your organizations’ needs will help determine which configuration options you should select, however the most common way to connect is via SAML.

Request a demo

Step-by-Step Configuration Guide

You’ll need to login to the integrations portal and then follow these simple steps:

  • Log in into Google Admin Console at admin.google.com (Sign in using an administrator account)
  • In the Admin console, go to partyIdP.
  • Check the ‘Set up single sign-on (SSO) with a third party IdP’box.
Complete the following information:
  • (AuthN Portal action) Copy the value of the ‘Sign-in page URL’ from AuthN Portal....and paste it into ‘Sign-in page URL’ field.
    For ‘Sign-outpage URL’, put anything e.g. https://www.google.com
  • Download IdP Certificate from the AuthN Portal ...and upload it by selecting ‘Replace certificate’ (this option might be called differently if the cert has never been uploaded)
  • Check the ‘Use a domain specific issuer’ box.
  • On AuthN Portal, for the Domain field, enter the Primary Domain from the Google Admin Console.
  • Click Save.

For further documentation on all other options available, consult Google’s support pages on how to integrate Google Workspace with a third party IdP.  

Supported Google Workspace Services

Everything within your account is protected:

Icon of a gear symbol, representing support for Google Admin services.

Google Admin

Icon of the Gmail envelope logo representing support for Gmail (Email) services.

Gmail (Email)

Icon of the Google Drive triangular logo representing support for Google Drive services.

Google Drive

Icon of a calendar with the number 31, representing support for Google Calendar services.

Google Calendar

Icon of a document page, representing support for Google Docs, Sheets, and Slides services.

Google Docs, Sheets & Slides

Icon of a form document, representing support for Google Forms services.

Google Forms

Icon of a webpage with a folded corner, representing support for Google Sites services.

Google Sites

Icon of a video camera with chat bubble colors, representing support for Google Meet & Google Chat services."

Google Meet & Google Chat  

Icon of multiple stacked documents, representing support for all additional Google Workspace services beyond the listed applications.

And everything
else that is available beyond your login….

Fingerprint used for Biometric Authentication MFA

And yes, we also protect any legacy password-based systems.

AuthN by IDEE seamlessly integrates with Google Workspace through modern federation protocols. Thereafter, any application can be seamlessly accessed via MFA 2.0.

In addressing the needs of legacy systems reliant on passwords, AuthN by IDEE offers seamless integration with reverse proxy, Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE) and Virtual Private Network (VPN) solutions. By enforcing phish-proof Multi-Factor Authentication (MFA 2.0) prior to password entry, AuthN ensures robust security measures are in place. This approach guarantees that only authenticated users that have the appropriate access rights to the designated application, and that have successfully completed the MFA 2.0 process, are permitted to enter passwords and gain access, thereby fortifying system security comprehensively.

Vintage desktop computer displaying the AuthN by IDEE logo, symbolizing support for legacy password-based systems. The accompanying text explains how AuthN by IDEE integrates with legacy systems using modern protocols like Zero Trust Network Access and Secure Access Service Edge, enabling secure Multi-Factor Authentication (MFA 2.0) for older systems.
Person sitting comfortably on a red bean bag chair using a laptop, representing the ease of choosing the right authentication method. The accompanying text discusses different supported authentication methods, including WebAuthn, FIDO2 Security Key, Push, and QR, highlighting the benefits of using WebAuthn for secure, phishing-proof authentication.

Chose An Authentication Method That’s Right for You

We highly recommend you use WebAuthn which is the phish-proof, friction-free, same-device MFA 2.0 method. However, you do have choices and, it is up to you. Supported authentication methods include:

  • WebAuthn
  • FIDO2 Security Key
  • PUSH
  • QR

Web-Authn offers the highest level of protection. We ensure that your digital identity is secure from phishing and password-based attacks throughout the entire lifecycle, which is why Web-Authn is our preferred and recommended option.

Device Requirements

Web-Authn works on any computer with a TPM chip (most machines from 2016 onwards have this) and/or any smartphone with a secure enclave or secure element is also compatible.

The following popular browsers are supported:

  • Microsoft Edge
  • Chrome
  • Safari
  • Internet Explorer 7 or higher
Illustration of a laptop showing the IDEE login page, emphasizing compatibility with devices having TPM chips or secure enclaves and browsers such as Microsoft Edge, Chrome, Safari, and Internet Explorer.

User Enrolment

Register A New Device in Seconds!

AuthN by IDEE ensures that only a trusted user can access a trusted service on a trusted device when the user is proven to be in control. User devices, therefore, must be registered. It only takes a few seconds for a user to register their device.

Here’s how it works in just a couple of clicks:

Your Step-by-Step Guide

1.

User goes to Google Workspace for the first time and signs in

2.

They will be redirected to AuthN by IDEE to set up their device.

4.

The user simply unlocks their device, using facial recognition, PIN, Windows Hello, or fingerprint.

5.

They will receive a secure magic link via email.

6.

The user clicks on the link which opens a new tab in the browser.

7.

User clicks ‘accept’ at which point they have registered their device. 🎉

Now every time a user wants to login to their Google Workspace account, they just unlock their device. That’s all.

Request a demo
Fingerprint used for Biometric Authentication MFA

Fallback Procedures

We don’t just eliminate credential phishing; we also eliminate the stress associated with account recovery!

Person looking to the side with a thoughtful expression, captioned 'No More Passwords. At All. Ever!

Never Use a Password Ever Again
(at least not for authentication)!

We don’t like or use passwords because passwords are phishable. We will never ask users to create passwords – not even for account recovery. Be free!

Button
Person smiling confidently, captioned 'No More Phishable Back-up Recovery Methods.

No More Phishable Back-up Recovery Methods

Everything you need is already housed within the secure hardware of your registered device. In the unlikely event that you do lose access to your trusted device (which is likely to be your work machine), you simply re-establish trust on your new one using secure identity proofing or setup the new device from an existing device using transitive trust. There is no need to set-up phishable backup Google Authenticator codes or fallback to passwords .. Now that’s a relief!

Button
Person looking satisfied with a subtle smile, captioned 'Reduce Account Recovery.'

Reduce Account Recovery

Same-device MFA means no separate keys, or tokens which can be misplaced. Kiss goodbye to expensive hardware replacements and reduce the many reasons to bother IT (hopefully they won’t get lonely)!

Button

Updates & Maintenance

AuthN by IDEE is fully SaaS (Software as a Service). There is nothing to remember to keep up to date to remain secure. With no additional hardware or software of any kind there is no firmware or software to update – you are secure, all the time... Now that’s real peace of mind.

How We Protect Your Data

Actually… what data? AuthN by IDEE holds zero personal identifiable information (PII) about its users, which is one of the reasons why it is so secure! That said, we take security and privacy incredibly seriously. Privacy is our primary company value, and this is why we also go to enormous lengths to ensure we meet all the important standards and compliance regulations you would expect from a chief cyber security vendor.

Icon of a circular badge with stars and 'EU' in the center, symbolizing GDPR compliance.

GDPR Compliant

IDEE is fully GDPR compliant, meaning that we take your data seriously. Always.

Icon of a certification seal labeled 'ISO 27001,' indicating that IDEE is certified under the ISO 27001 standard.

ISO 27001

We are 27001 certified.

Icon of a certification badge labeled 'AICPA SOC,' representing SOC2 Type II compliance.

SOC2 Type II

We are SOC2 certified.

Icon of a shield with a check mark, symbolizing Defense In-Depth security.

Defense In-Depth

One layer is not enough. We employ layered security for every action.

Icon of a digital network diagram, representing decentralized credentials.

Decentralized Credentials

Fully decentralized asymmetric keys stored inside the device security chip.

Icon of a document with binary code, representing strong encryption.

Strong Encryption

AES-256-Bit & ECC-512.

Did Somebody Say Compliance?

Rest assured, we are proud to say, that the AuthN by IDEE technology is backed by all the important standards. Due to new and incoming legislation, this is especially important if you are based in Europe or The United States.

Icon of a balanced scale, representing legal compliance.

United States - EO 14028 & OMB M-22-09

This executive order outlines the mandate for all federal government agencies and civilian agencies in the federal government, to use phish-resistant MFA. AuthN by IDEE goes one step further, in offering phish-proof protection compliant with EO 14028 & OMB M-22-09.

Icon of a document with a check mark, representing compliance with European regulations.

Europe - The Digital Operational Resilience Act (DORA) - Regulation (EU) 2022/2554 – DORA

DORA is new legislation aimed at increasing security in the financial sector in the EU and asserts that organizations will be obliged to “Implement  strong authentication mechanisms, based on relevant standards.” AuthN by IDEE is fully compliant with DORA.

Icon of the NIST logo, representing compliance with NIST digital identity guidelines.

NIST (National Institute of Standards and Technology) Compliant

We are compliant with NIST’s digital identity guidelines (NIST SP 800-63).

Icon of the FIDO logo, representing FIDO2 compliance.

FIDO2 Compliant

Expanding upon a FIDO2 compliant architecture, AuthN by IDEE is a strong zero-trust application of MFA. We do not trust blindly; all authentications are explicitly verified.

Icon of a lock with the PSD2 logo, representing compliance with the PSD2 Strong Customer Authentication (SCA) requirements.

PSD2 Compliant SCA

Our MFA uses factors that supersede the PSD2 strong customer authentication requirement.

Icon of a circuit, representing the use of proven technology.

Based on proven Technology

We leverage PKC, TPM/Secure Enclave, and strong encryption.

Icon of a handshake, representing transitive trust.

Transitive Trust

Ensuring a transaction can only be carried out on a “trusted service” by a “trusted device” coupled to a “trusted user” and authorized under the “user’s total control.”

Icon of an envelope with a line through it, symbolizing protection against phishing.

Phish-Proof

AuthN by IDEE protects against every credential phishing and password-based attack, including Adversary in the Middle attacks (AiTM).

Support

It’s easy to find the support you need. Here are your resources:

Icon of a shield with a question mark, representing frequently asked questions.

Admin FAQ

Got questions? Well, the chances are that they may have been asked before, which is why we have a neat collection of the most frequently asked questions all in one place! Check it out!

Learn more
Icon of an envelope, representing the support ticketing system.

Raise a ticket

Sometimes we just need a bit of technical support. Do you need to raise a ticket? No problem head over to the service desk and tell us how we can help. We will get back to you quickly!

Learn more
Icon of a bug, representing reporting security incidents or feedback.

Report an incident

Is there something we should know about or maybe you just have some excellent feedback for us? Please use this form to report a security incident, vulnerability, or an improvement.

Learn more
Icon of a play button on a screen, representing video tutorials.

Video tutorials

Already an admin? Visit the Knowledge Centre for step-by-step interactive video tutorials. Looking for demo videos? Check our YouTube playlists.

Learn more
Icon of an open book, representing the IDEE blog.

The IDEE Blog

We discuss many topics on our blog from authentication & cyber security, how our partners can build their business and featured guides and tools.  Check it out!  

Learn more

Like what you see? 

Speak to us today to try the best MFA solution for yourself.

Request a demoTalk to sales
Start a free 14-day trial