Google Workspace Integration
Overview
This document describes the Zilla integration with Google Workspace.
Zilla is a B2B SaaS solution that helps organizations with identity and access security. Zilla connects to multiple systems in an organization to retrieve an accurate listing of all account in the system and the permissions that those accounts have. The accounts are then co-related to user status in HR systems to identify security issues including Orphan Accounts, External Users with Privileged Accounts, etc. Zilla also automated a key compliance process called User Access Reviews that is critical for SOC2 Type2, SOX and HIPAA compliance.
OAuth Integration
The Zilla integration is a ‘read-only’ integration that fetches the following data from Google Workspace and Google Cloud Platform
All accounts present in Google Workspace and the corresponding email addresses
All permissions that the accounts have
All groups and the group memberships for the accounts
All projects in GCP and the entities that have permissions to those projects
Benefits of the Integration
This Google Workspace integration automates the entire security process of remediating security issues and performing user access reviews. The integration can be configured to run on a periodic basis of either daily, weekly or monthly and once configured will run on schedule.
Security Remediation
Zilla generates security findings based on the account and permission data fetched by the integration. It is typically used in conjunction with integration with HR systems to have an accurate picture of the people in the organization and their employment status. Zilla co-relates the account status received via the API integration with a user’s HR status and enables the remediation of orphan accounts
Access Review
Zilla implements a workflow enabling an organization-wide process for User Access Reviews (UAR). The UAR process supports reviews done by System Owners and also reviews done by Supervisors. A simple user interface makes it easy for reviewers to come into Zilla and approve the accounts and permissions that those accounts should have. Zilla tracks all the approvals and revocations and generates tickets for account revocations. An external auditor has access to a detailed report showing successful completion of the access review process.
Zilla Security privacy policy
Zilla is a B2B SaaS product that is used by our customers for security and compliance of systems including Google Workspace. Customer data storage and sharing is also defined by an the agreement signed between Zilla Security and our customers.
Additionally, our privacy policy is available here Terms & Compliance | Zilla Security