Google Workspace
security audit
Ensure your company's data security in today's landscape of remote work, mobile devices, and public clouds.
Contact usClose security gaps in your configuration
Incorrect configuration of Google Workspace settings can create vulnerabilities, potentially leading to hacking attacks, data leaks, or employee account takeovers.
Our audit is like a security checkup.
It identifies weaknesses in your configuration and provides actionable recommendations to strengthen your defenses.
Security audit enhances your protection.
But there is more
Security risk
reduction
Security threats evolve rapidly. Regular security audits enable you to identify gaps and weaknesses, implement necessary improvements, and stay up-to-date with industry best practices.
Incident response readiness
You can control security incidents with audit-driven preparedness, pinpoint areas for better detection and recovery, and respond effectively every time.
Control over users and devices
You gain a better understanding of the security risks that your employees themselves introduce, such as improperly secured accounts, poor sharing practices, or the use of personal devices.
Compliance with regulations
A security audit helps you to demonstrate compliance with requirements such as the PCI DSS, HIPAA, and GDPR, thereby building trust with clients and partners and avoiding costly penalties.
Higher
credibility
Demonstrating robust security practices enhances your reliability as a business partner and signals to clients your proactive commitment to data protection, giving you a competitive edge.
Post-audit implementation
If you wish, our engineers can implement the recommended changes in the console, saving you time and giving you the confidence that all improvements have been made according to the best practices in the industry.
Discover how security audit helps you take control of your work environment
The Google Workspace security audit includes a thorough analysis of more than 237 risk points, to provide your organization with the greatest possible security.
Reducing the risk of unauthorized access to Google Workspace
Even the best-secured work environment is not safe if you leave cybercriminals an open door. During the audit, we will examine the state of your Google Workspace account security settings in areas such as password management, SSO and multi-factor authentication, and IT service management access control.
Detecting unmanaged third-party app access
Uncontrolled user logins to external apps via SSO is a frequent security risk in organizations of all sizes. To assess and mitigate this, we analyze add-on and third-party access management in relation to OAuth. We also deliver an export of user-granted external app permissions to organizational data.
Uncovering risky sharing practices inside and outside the company
To help you manage the thousands of files created by your employees and establish a policy regarding their security grading, we'll assess drive settings including sharing, sync, and DLP, and provide an export of user sharing activities across personal and shared drives.
Understanding advanced security settings for the apps
Google Workspace offers extensive security settings, often underutilized. With security audit, you'll learn the key settings for each application, including access control for Gmail, Calendar, Chat, Spaces, Groups, Meet, and Sites. We will also cover admin alert settings, threat analysis tools, and incident response.
Controlling devices used by users in your organization
With remote work and mobile devices, securing employee devices processing company data is essential. Google Workspace security audit covers control policies for mobile devices, desktops, and browsers. And if you need additional control, we can also examine critical security settings for the Chrome browser on user devices.
Here's what you'll receive after the audit
Security audit report
Your tailored recommendations delivered as a comprehensive PDF report.
Security workfile
A dedicated tool to keep your change implementation on track and organized.
Workshop and video training
A workshop to provide your team with an understanding of the process and video on critical risks and precautions.
Security audit credential and badge
A visible symbol of your commitment to the highest safety standards, building trust with your customers.
Get a glimpse of your detailed security analysis
Get a glimpse of your detailed security analysis
Get your sample
Discover who benefits the most from a Google Workspace security audit
Regardless of your organization's size, structure, or situation, our audit helps you address critical security challenges. This is especially important for:
Highly regulated organizations
Businesses in sectors like healthcare, finance, and government that require a proactive approach to security and compliance.
Enterprises
Organizations where inconsistent security practices that have accumulated over the years can lead to vulnerabilities.
Remote or hybrid workforces
Companies which need to prioritize securing devices, data access, and communication across locations.
Growing startups
New businesses where rapid growth makes it difficult to maintain strong security while enabling collaboration
Understand the process
Our specialists will maintain ongoing communication with your team throughout the audit to ensure clarity and full process control.
Kick off meeting
We will get to know your organization's needs, plan the process, and set up working teams.
Audit execution
We analyze your Google Workspace configuration using the Admin Console and APIs., which takes 3-8 weeks.
Report
We provide a prioritized list of recommendations with step-by-step guidance.
Workshop
We’ll guide your team on implementing the highest-priority changes.
Fixes implementation (optional)
To save you time and effort, our premium audit service includes implementing the recommendations.
Checking plans and prices
We offer various audit plans based on the level of assessment and whether you need assistance with implementing the recommendations.
Basic
EUR 1,800*
Identity verification and authentication
Administration
Application integration
Security operations
Drive settings
Settings for other services
Device management
Google Drive sharing list
Google Chrome audit
External application permissions list
Video training “Basic Security for Users”
Fixes implementation by FOTC’s engineers
Enhanced
EUR 3,600*
Identity verification and authentication
Administration
Application integration
Security operations
Drive settings
Settings for other services
Device management
Google Drive sharing list
Google Chrome audit
External application permissions list
Video training “Basic Security for Users”
Fixes implementation by FOTC’s engineers
Premium
Custom pricing*
Identity verification and authentication
Administration
Application integration
Security operations
Drive settings
Settings for other services
Device management
Google Drive sharing list
Google Chrome audit
External application permissions list
Video training “Basic Security for Users”
Fixes implementation by FOTC’s engineers
*A €24 fee will be added to the prices above for each organizational unit in Google Workspace.
Checking plans and prices
We offer various audit plans based on the level of assessment and whether you need assistance with implementing the recommendations.
Best selling
Basic
EUR 1,800*
Enhanced
EUR 3,600*
Premium
Custom pricing*
*A €24 fee will be added to the prices above for each organizational unit in Google Workspace.
Discover other ways we can protect your business
Google Workspace support
Our expert team will provide you advanced security measures, proactive monitoring, and performance optimization, ensuring a stable and reliable environment.
Find out more
Chrome OS devices
Find out more about secure cloud-based laptops with remote management, zero-touch enrollment, and advanced data safeguards for worry-free onboarding.
Find out more
Users and admins training
Strengthen your team's security expertise with our tailored training. We deliver expert-led sessions for Google Workspace admins and users, focusing on safeguarding your data.
Find out moreYour questions,
answered.
No, the auditor won't have access to your data - neither on the Drive nor on your mail. They will only be able to see general information about the space taken up in these applications. In the reports, they will also see the basic information about the activities performed on the Drive. You can always check the extent of the activities performed by the auditor in the administration logs.
Not if you are our customer and do not block reseller access to the Google Workspace instance. Otherwise, creating an account for auditors may be necessary.
No, our auditors will prepare a list of recommendations for you to implement to improve your company's security level. However, you will need to decide whether to implement them in the console. Your team members will be responsible for making any changes. They are the ones who know best how to break down the process so as not to disrupt users in your organisation. However, if your company lacks the proper resources to implement the post-audit recommendations, we can offer our support in this area too. We can implement the changes as part of your technical support package or extra consultations.
We will provide you with a comprehensive PDF file containing a set of specific changes and best security practices that you should implement and follow in your company. Additionally, you will receive a spreadsheet with links to documentation that will help you coordinate and monitor the change implementation process. During the workshop concluding the audit, we will discuss the key points and answer any questions You may have, to help you plan the process. You can download an excerpt from a sample report here.
No, we do not.
Yes, you can count on us in this regard.
Unfortunately no. Since we do not enforce our recommendations and we have no control over whether the recommended changes are implemented, we cannot provide you with a certification. Nevertheless, you will receive our badge and statement confirming the completion of an FOTC audit.
Yes, we will explain how to introduce the key changes and answer all your questions.
We will have access to the administration console settings. We recommend that the company we are auditing is our customer and that the instance has open reseller access. Then you can be sure that we are not privy to any sensitive data you store in Gmail, Drive and other services.
There is no need for your employees to be present at every stage. We will need your team only to grant access to the console, complete the form, and turn up at the workshop. We will take care of the rest ourselves.