Introduction

In this blog post, we will learn how to auto reminds new users of enrolling in 2FA is a complex matter in Google Workspace. Know the simplified process with Foresight. 2-factor authentication, 2FA is a significant feature of Google Workspace. Administrators can force new users to enroll in 2FA to protect their accounts with an extra layer of protection from hackers. Thus they set a 2SV enrollment grace period for the users. The users need to enroll in 2FA within this time. Otherwise, they will be locked out and can’t sign in to their Google account.

Thus Foresight creates a new feature to remind users to enroll in 2FA within this period. This will keep them aware of enrolling in 2FA. In this article, we will learn so.

Why need to auto reminds new users of enrolling in 2FA?

  1. Google admin new users need an extra security layer to protect their Google account from cyber criminals. They might try to steal your account password to hack your important data and files. Thus the Google Admin takes the action of 2SV Enforcement. to enhance your account security.
  2. For an organizational unit, users working with sensitive and business data like financial reports, employee data, hiring details, etc., must protect their data with a 2SV enrolled Google account. Thus, the Admin must mandate its own and these users’ accounts for 2FA.
  3. A small team or group in an organization may require a particular 2-step verification, 2SV method like - Security keys, Google prompt, Google authentication app, or Backup codes because the company mandates it. 
  4. You need to activate your 2FA to avoid account lockout when your company gives you a 2SV enrollment grace period.

Know more: Protect your business from 2-step verification.

How to auto reminds new users of enrolling in 2FA in Google Workspace with Foresight?

Foresight helps to streamline your business process by automating the Google Workspace workflow. You don't need any coding knowledge to use this platform. Mainly it simplifies the complex workflow that can't be deployed with the native Google Cloud services. Thus it helps to remove repetitive tasks for the Admin and users to save their valuable time.
Google Admin console has the 2SV enforcement and enrollment grace period features. But it doesn't provide any feature of sending a reminder email to inform users of the enrollment period. Here, Foresight comes to help the users with this feature. This is another edge of Foresight over Admin Console, and it helps to increase productivity.

Demo Video

Instructions

We will divide our steps into two rules-

  • Rule A –  Auto Create Google Calendar event upon user creation: To create a Google Calendar event automatically for new user creation. This event will start after three days of user creation.
  • Rule B – Auto sends email reminder: Automatically sends the reminder email to the user for the 2FA when the event created in Rule A will start.

Rule-A Setup

  1. Log in to the Foresight account with your Google Admin account. Go to the Rules page and click the New Rule New rule button button.
  2. Select the User created trigger and click Next.Auto remind new user to enroll in 2FA - Rule A - Select the User created trigger and click Next
  3. Select the Create datetime action.Auto remind new user to enroll in 2FA - Rule A - Select create datetime
    1. Select the Current Datetime variable, In Source datetime.
    2. Keep the Time zone field unchanged. 
    3. In the Time change steps, set the step Add 3 Days. This is the date-time when the user will get the reminder. It means the reminder would be sent after the 3 days of the new account creation.
    4. In the Variable name, write Reminder Datetime.Auto remind new user to enroll in 2FA - Rule A - here we are editing create datetime action
    5. Click ADD NEXT ACTION and select Create calendar event.Auto remind new user to enroll in 2FA - Rule A - select create calendar event action
      1. In Calendar, select Primary Calendar. Also, you can choose any other calendars if you need them.
      2. In the Event title, type "2FA Reminder" and click on the v icon to select the Primary Email variable . 
      3. Only in Start time, click the side icon, and select the Reminder Datetime variable. Leave other fields the default.Auto remind new user to enroll in 2FA - Rule A - edit create calendar event action 2
      4. Click Review, give a rule name and create rule A.Auto remind new user to enroll in 2FA - Rule A - enter rule name and click createAuto remind new user to enroll in 2FA - Rule A created

Rule-B Setup

  1. Select the Calendar event started trigger.Auto remind new user to enroll in 2FA - Rule B - select calendar event started trigger
    1. In Calendars, select Primary Calendar. It needs to match the calendar in rule A's Create calendar event action.
    2. In the Event title, enter "2FA Reminder" (with double quotes), this Event Title is the same Event Title that we have given in Create Calendar Event action while creating Rule A.Auto remind new user to enroll in 2FA - Rule B - edit calendar event started trigger
  2. Click Next, select the Get calendar event info action.Auto remind new user to enroll in 2FA - Rule B - select get calendar info action
    1. In Calendar, select the Calendar Id variable.   
    2. In Event, select the Calendar Event Id variable.Auto remind new user to enroll in 2FA - Rule B - edit get calendar info action
  3.  Click ADD NEXT ACTION and select Extract data from text action.Auto remind new user to enroll in 2FA - Rule B - select extract data from text action
    1. In the Source text, select the Event Title variable.
    2. In the Data type to extract, select EMAIL.
    3. In Selection, keep the default value of 1
    4. In the Variable name, enter "User Email".Auto remind new user to enroll in 2FA- Rule B - edit extract data from text action
  4. Click Add next action and select Get user info action. Auto remind new user to enroll in 2FA - Rule B - select get user info action
  5. In Primary email, select the User Email variable.Auto remind new user to enroll in 2FA - Rule B - edit get user info action
  6.  Click ADD NEXT ACTION and select If action.Auto remind new user to enroll in 2FA - Rule B - select if action
    1. Rename “Branch 1” to “Not Enrolled in”
    2. Rename “Fallback Branch” to “Enrolled in 2FA”
    3. In the branch “Not Enrolled in 2FA”, set condition “2SV Enrolled? is false”.
    4. Click ADD NEXT ACTION under the first branch of the If condition.Auto remind new user to enroll in 2FA - Rule B - edit if action - branch 1
    5. Select Email.
    6. In To, select the User Primary Email variable
    7. In Subject, enter the email subject.
    8. In the Email Body, type the below text. you can enter the personalized data using variables. To insert variables, click on the v icon , and a list will pop up with all variables.
    9. Click Review. Give a rule name and create Rule B.Auto remind new user to enroll in 2FA - Rule B - enter rule nameAuto remind new user to enroll in 2FA - Rule B created

Triggering Rule

Now you have to trigger the rule from the admin console by creating a new user. To create a new user, go to the Directory > Users > Add a new user, and fill in all the details, then click ADD NEW USER button.

xFanatical

Verifying Results

After creating this user, a calendar event will be created automatically. The logs page shows the successful triggering of Rule-A.

xFanatical
xFanatical

After the 3 days, the users will be reminded if they still need to enroll for 2FA.

Successful triggering of Rule-B.

xFanatical
xFanatical

Conclusion

This is the complete procedure of reminding new users to enroll for 2FA. You can perform the task easily with the help of Foresight. It simplifies the whole process with the 2 sets of automated rules, and thus it saves our time and improves productivity. So try the 14-day free trial with Foresight. Also, you can learn other topics related to this - Protect your business with 2-step verification, Avoid account lockouts when 2-step verification is enforced, etc.

Fore more updates please visit our website: Source