GAT+ is a powerful audit and security tool for your G suite domain. This post will take you through a visual overview of some of GAT’s features within the Drive Audit.
In the GAT+ dashboard, where you can audit all areas of your domain. We’ll be starting off a GAT+ Drive audit.
[See this Drive Audit video walkthrough]
In this audit area, you can search your entire domain for documents for any user. You can easily identify documents using the apply filters button.
For example, if we look at files which are being shared outside of our domain, the exposure summary will help you identify documents shared publicly to other domains as well as documents shared inside your domain and also private and orphaned documents.
You can also identify documents by file type.
To take actions on a document you can select the files you wish to take actions on and select file management. Then you can change ownerships editors or viewers by adding or removing them. You can also view the contents of documents silently using view file contents.
You can check your exposure to other domains using the domain connection graph.
Clicking on a particular domain will show you the documents shared to them for further analysis. You can also search through users drives or team drives using the folders tree. This can help you identify all the folders in your domain and the permissions set for those folders.
The Users audit allows you to get an overview of all the users across your domain. You can use a custom filter to look for an individual, Groups or OU’s.
Once you have applied a filter to find a set of users, you can then export those users to a Google spreadsheet.
You can edit the information on this spreadsheet which can then be imported back in and the changes will be reflected on your admin console. This is helpful for removing or adding users or changing their emails or order details all at the same time.
Email info will allow you to see the email settings for the users, if they have Forwarding enabled, Email delegates, Lables and Filters, and Total messages.
File count lets you see all the files they have access to or have created.
Quota shows you two quotes they are using for their drive in Gmail you can also go through these subsequent sections to modify the users information that way.
An area you can see all Emails coming in and going out of your domain. In this section an Admin can access Email tab where all emails are displayed, you can apply a filter to search for specific email.
Email content search is a realtime search where you can extract up to the minute emails received or sent by your domain users.
User statistics will show you all the daily statistics for all your emails.
You can also access External From/To and Sender/Receivers tables where the appropriate information for the tabs will be displayed, in each of the sections you can apply a filter to find a specific result.
Domain connections will display Number of emails send and recived from your domain to all external domains. Domain connection graph a graphical overview of your domain email connections.
Using Groups an Admin can view and explore all groups in the domain. Under the action tab on each group you can take an action such as “copy this group” and “delete this group”.
We also show the total number of the groups, with external or local members and so on. Each of the numbers are clicable and it will lead you to those groups.
Groups alsop provides tabs such as Group members, Events and Last Used address.
Each of those options provide you with more inishght of your Google groups. You can see all of the group members. Events tab will show you what member of group perform what action and when.
Last used address is a very useful feature where you can see each of your groups and how they are active. You can track the activity of a group email, being used for File Use Date, Email Use Date and Calendar Event Start Date.
You can see all of your domain users and the contact list they have. You can delete contact from your contact list, you can also copy the contact and replace it by adding the contact to a new owner.
You can also create a contact and add it to specific user of your domain. Simply choose an owner(User of your domain) fill in the details of the new contact and save.
In it you can see all the Google Classrooms across your entire domain. You can see which teachers created those Google Classrooms, the name of the class, and details about said class, such as Class work, Class Work Submissions, Teachers and Students.
You can also check the work being assigned to students from the teachers you can then see the submissions from students here you could filter a particular classroom to further analyze.
Application audit allows you to identify threats from third-party applications. GAT+ will automatically rank these applications (Scope risk score) based off the permissions third-party application has access to your G Suite API as a super admin you would want to examine if this application is malicious.
In the case of a malicious application being found, you can easily create a policy to ban the application for a user group or the entire domain you can also view other policies made by other administrators.
The printer section within the GAT+ tool allows you to view all of the Google printers which are connected to your domain, you can also find print jobs that your users have carried out here you can apply filters for a particular user to see what they have printed. This can show you the title of what they have printed and when they printed it.
Chrome OS Devices
In Chrome OS devices, you can see all of the Chromebooks which are enrolled in your domain. You can also modify their details and see who was the last user to login to those devices in ChromeOS devices. You can check this video, where we discuss how GAT+ can be used to bulk manage ChromeOS devices.
You can see who has signed into the domain with their mobile device in case of a security breach, you can block the device, remote wipe the device, or wipe the account and also delete the device from your domain.
You can check this link for more information.
For added security and protection for your G Suite domain, you can use a user login section of the GAT+ tool here you can see all of the logins occurring across your domain by your users.
You can also see suspicious activity by users such as invalid passwords being entered.You can filter events which are suspicious to find such activity. You can also get information such as what IP address is being used to log into your domain.
Calendar audit will allow you to view all calendar events in your domain. You can view the total number, number of external and domain calendars, imported and private calendars.
Under the action tab on each of the calendar you can change permissions of the calendar, such as adding or removing secondary owner, adding editors or readers to the calendar.
You can also view the Calendar events Future and Past. You can also take an action on the calendars such as deleting the particular or recurring events.
Using Meet you can view the use of Google Meet in your domain.
You will be able to view the number of meetings – per day, Average minutes spent on Meetings – per day, Total nymber of minutes spent on Meetings – per Day, number of calls per day and so on. You can export all those graphs as a png file to include in your reports.
Where you can see the Channels and Videos that have been published by users of your domain. You will also have an option to see External and Internal videos, where in internal videos you can change their status to Private, Public or Unlisted.
Roles & Privileges
You can view all Roles and Privileges set up in your domain, thus very easy to evaluate what roles are set up and who are the users with those privileges. Under the Actions tab, you can view all the users with the selected role, see the details and see what privileges the role has in your Google domain.
You can see also all the privileges set up in your domain. Under the actions you can see what user have these privileges.
This concludes our brief overview of GAT+. Feel free to install the tool from the G Suite Marketplace.