Google announced April 27th that G Suite admins can now manage and secure Windows 10 devices through the Admin console using a feature called ‘enhanced management & security for Windows 10’. Previous support for enhanced management had been limited to Android, iOS, Chrome, and Jamboard devices.
But now Google is expanding enhanced management to Windows 10. And it is also enabling single sign-on (SSO) so users can get access to G Suite and other SSO-enabled apps more easily.
Enhanced management & security for Windows 10
Google Credential Provider for Windows (GCPW), a software component that needs to be installed on each Windows 10 device, works with all G Suite and Cloud Identity editions. GCPW lets users sign in to Windows 10 using a Google G Suite account.
Once signed in to Windows 10 using GCPW, SSO lets users access G Suite apps without reentering their Google Account credentials. GCPW also provides additional security, like anti-hijacking, using features such as 2-step verification and login challenges; and anti-phishing and suspicious login detection.
G Suite Enterprise, G Suite Enterprise for Education, and Cloud Identity Premium customers get some additional management and security features for Windows 10 Professional, Business, and Enterprise (version 1803 or higher) devices.
The following settings were previously in beta but are now available on eligible subscription plans in the G Suite Admin console:
- Update compliance with organizational policies for Windows 10 devices connecting to G Suite
- MDM features like remote device wipe and policy updates
- Deploy custom Windows settings
- Manage Windows Updates
- Deploy BitLocker settings
- Set users’ admin permission level
Google says that these new features can help organizations simplify device management, improve data security, and make it easier for users to log in to applications.
Image #1 Expand
Devices are automatically enrolled in Windows device management when a user signs in for the first time using their Google Account and GCPW. Organizations choosing not to use GCPW will need to manually enroll Windows 10 devices. If GCPW isn’t deployed, users continue to sign in to Windows 10 with their Active Directory account.
Fundamental device management rollout delayed
Google also announced that the full rollout of fundamental device management has been delayed until later in 2020 because of COVID-19. If enabled, fundamental device management is applied by default to all Windows, Mac, Chrome, and Linux devices when users log in to G Suite through a browser.
When a device is registered in endpoint management, admins can view the device type, operating system, first sync time, and last sync time in the Admin console. Admins can also sign users out from the device. No software is required to use fundamental device management.
Microsoft 365 versus G Suite for Windows 10
Better support for remote workers comes at a good time as many companies are closing offices and asking employees to work from home. Similar features from Microsoft have been available for Windows 10 for a long time.
The advantage for Office 365 and Microsoft 365 customers is that everything required to provide security features enabled by Google Credential Provider for Windows is built-in to the operating system. You don’t need to install and manage a client application.
For more information on enhanced management & security for Windows 10, see Google’s website here.
The post Google’s G Suite Can Now Manage Windows 10 Devices appeared first on Petri.