GW 21-30

Train users to click on Not Spam button for emails.

Add all users of your domain to an approved sender list.

Force TLS for your domain

Ensure that your inbound gateway is configured with all of your Exchange server IP addresses.

Collect full message headers for examination.

Check whether the issue occurs when the user authenticates on a different device or a new incognito window.

Check whether a ping test to service.gmail.com (pop.gmail.com or imap.gmail.com) is successful.

Check whether traceroute to service.gmail.com (pop.gmail.com or imap.gmail.com) is successful.

Assign the ‘Services Admin’ role to an administrator with ‘Super Admin’ privileges.

Create a ‘Custom Role’ and add all the Google Vault privileges for a new administrator.

Validate that the new administrator has access to Google Vault.

. Create a ‘Custom Role’ and add the ability to manage Google Vault matters, holds, searches, and export

Download and attach the documents to a Gmail message, and send them to the external vendor

Move all users from the finance org unit to the HR org unit.

Enable ‘Visitor Sharing’ for the entire finance org unit.

Create a group with the finance and HR users who need to share externally.

An access level was defined based on the IP range and applied to Google Drive via Context-Aware Access.

Under Drive and Docs > Sharing Settings, the “Whitelisted domains” list needs to be updated to add the new ISP domain.

The Network Mask defined in Security > Settings > SSO with 3rd Party IdPs should be updated to reflect the new IP range.

You need to raise a ticket to Google Cloud Support to have your new IP ranges registered for Drive API access.

Use the Postmaster Tools API to pull the message headers.

Use the Email Log Search to directly review the message headers.

Use the Security Investigation Tool to review the message headers.

Perform an SPF record check on the domain to determine whether their SPF record is valid.

Move the user to their own Organization Unit, and set a custom retention policy.

Create a hold on the user's mailbox in Google Vault.

Reset the user's password, and share the new password with the litigation team.

Copy the user's data to a secondary account.

Create a matter using Google Vault, and share the matter with the litigation team members.

Use Security Investigation Tool to Search Google Drive events for all of the user's documents, and use Google Admin > Reports > Email Log Search to find their emails.

Search Google Drive for all of the user’s documents, and ask them to forward all of their emails.

Use the Gmail API and Google Drive API to automatically collect and export data.

Utilize Google Vault to hold, search, and export data of interest.

Enable email safety features with the receiving domain.

Set up secure transport compliance with the receiving domain.

Configure an alternate secure route with the receiving domain.

Set up DKIM authentication with the receiving domain.

Create a secondary domain, mystartup.com, within your current Google Workspace domain, set up necessary DNS records, and create all startup employees with the secondary domain as their primary email addresses.

Create an alias domain, mystartup.com, in your existing Google Workspace domain, set up necessary DNS records, and create all startup employees with the alias domain as their primary email addresses.

Create a new Google Workspace domain with “mystartup.com,” and create a trust between both domains for reusing the same security policies and sharing employee information within the companies.

Create the startup employees in the “mycompany.com’ domain, and add a number at the end of the user name whenever there is a conflict. In Gmail > Routing, define a specific route for the OU that targets the startup employees, which will modify the email address domain to “mystartup.com,” and remove any numbers previously added. In addition, confirm that the SPF and DKIM records are properly set.