In this blog post, we will learn how to bulk block mobile devices in Google Workspace and when to do this.
It’s compulsory to sign in to your Google account and sync your data when you are using an Android or iOS mobile device. If your device has not been synced for a long time, you should block it from your Google Workspace. It may become the reason for unauthorized access to your organizational or personal data. So, there will be a security loophole in your data. Thus you may need to block a mobile device in Google Workspace. It will preserve the data from illegal access. Here are some use cases of this action-
- Malware attacks on the users’ mobile devices.
- The user installs an unauthorized third-party application.
- The mobile device doesn't have security updates.
- The user hasn’t signed in for a long time.
- The employee signs in to the device rarely. Say for one week in working days.
In this blog, we will discuss how Foresight can help us with this purpose.
How to block mobile devices in Google Workspace?
The following exception case will block mobile devices –
Endpoint verification: You need to activate a Context-Aware Access policy to block access to mobile devices. Otherwise, the device can sync Google data still after the blocking.
Here is the process for manually blocking a mobile device-
- Sign in to the Google Admin Console through your Administrator account.
- Follow this path in the admin console – Menu>Devices>Overview. Then click on Mobile devices.
- Point out the device you want to block.
- Click Block Device.
- Finally, click on Change.
Bulk block mobile devices in Google Workspace with Foresight
Blocking mobile devices in Google Workspace is the action of stopping the data synchronization of the device with Google. It will log out the user forcefully from the device. Google Admin console allows you to do this task for 50 devices at the same time. Instead, Foresight can do this for more than 50 devices simultaneously. It can efficiently complete the job without any coding within a few times. Moreover, it has other features for this purpose.
Video Demo
From this demo video, you will learn about the Bulk Block Mobile devices in Google Workspace with the help of Foresight.
Instructions
Rule Creation
First, we need a list of mobile devices to set up the rule. It’s a Google Sheet. The sheet contains two columns- Device ID and Device User Email. You have to download the sheet in CSV format. Please note that for the demo purpose, we are taking only 10 devices. But in real cases, we can block thousands of mobile devices simultaneously.
- Log into the Foresight account with a Google Admin account. Then go to the Rules page and click on the New Rule
button.
- Select the Data uploaded trigger.
- Upload the CSV file with updated information.
- Wait for the file to be parsed and then click on Next.
- Then select the Block mobile device action.
- Follow these sub-steps here.
- First, you may need to grant permission for the Foresight account into the Google Workspace account. When the access is permitted then the status will be changed to Access granted. Select the device Id in the Device ID field. Type the double-opening curly brackets to select the ID from the dropdown. Then click on Add Next Action.
- Select the Get user info action. For this action, you need to grant permission once more. Then in the Primary email field, type double curly opening brackets and select the device user email Id.
- First, you may need to grant permission for the Foresight account into the Google Workspace account. When the access is permitted then the status will be changed to Access granted. Select the device Id in the Device ID field. Type the double-opening curly brackets to select the ID from the dropdown. Then click on Add Next Action.
- Then click on Add Next Action. Select the Email action.
- In this email action, we will notify the users about blocking their mobile devices. So, select User Primary Email as an email variable in the To field.
- Then enter the subject and email body. Please note you have to add some variables in the email body. So type double-opening curly brackets to select the variables. The variables are- firstName, DeviceID, and DeviceUserEmail.
- Again, click on Add Next Action and select the Email action.
- Follow these sub-steps here.
- This time you will notify the manager about the blocking of the employees’ devices. Select the Manager Email as the variable in the To field. Then type the email message and type the Device details in the form of a variable.
- Then click on Review.
- This time you will notify the manager about the blocking of the employees’ devices. Select the Manager Email as the variable in the To field. Then type the email message and type the Device details in the form of a variable.
- Enter the Rule name ( Block suspicious devices ) and click on Create. You will see that the rule becomes created.
Rule Triggering
Click on the upload icon and upload the same CSV file again. It will take a few seconds to complete.
Verifying Results
- A notification will appear at the top-right corner of the Rules page. Click on it and then click on View Log to see the devices’ status.
- You can also check it through the Logs page. The logs show the successful triggering of the rule.
- Then verify the results from the Admin console. So, go to Devices>Mobile and endpoints. You will find that the statuses for all the devices have been changed to Blocked.
- Finally, all the employees and managers will get an email about device blocking.
- The user got the email from the IT Manager.
- The employees' manager got the email from IT Manager.
- The user got the email from the IT Manager.