Google Workspace Integration

Overview

This document describes the Zilla application integration with Google Workspace.

Zilla is a B2B SaaS solution that helps organizations with identity and access security. Zilla connects to multiple systems in an organization to collect an accurate listing of all accounts and the associated permissions that those accounts have. The accounts are then correlated to each user status within HR systems to identify security issues including orphan accounts, external users with privileged access, and more. Zilla also automates the critical compliance process called User Access Reviews (UARs) that is required for SOC2 Type2, SOX, HIPAA, and many other regulatory mandates.

OAuth Integration

The Zilla integration is a ‘read-only’ integration that collects the following data from Google Workspace and the Google Cloud Platform:

• All accounts present in Google Workspace and corresponding email addresses
• All permissions that accounts have
• All groups and group memberships for accounts
• All projects in GCP and entities that have permissions to those projects

Benefits of the Integration

This Google Workspace integration automates the entire process for remediating security issues and performing UARs. The integration can be configured to run on a periodic basis of either daily, weekly or monthly and once configured will run on schedule.

Security Remediation

Zilla generates security findings based on the account and permission data collected by the integration. It is typically used in conjunction with integrations to HR systems to create an accurate picture of people in the organization and their employment status. Zilla correlates the account status received via the API integration with a user’s HR status and enables the remediation of orphan accounts.

Access Review

Zilla implements a workflow enabling an organization-wide process for UARs. The UAR process supports reviews done by system owners, as well as reviews done by supervisors. A simple user interface makes it easy for reviewers to use the Zilla application and approve the accounts, as well as the permissions each account should have. Zilla tracks all approvals and revocations and generates tickets for account revocations. An external auditor has access to a detailed report showing successful completion of the access review process.

Zilla Security privacy policy

Zilla is a B2B SaaS product that is used by our customers for security and compliance of systems including Google Workspace. Customer data storage and sharing is also defined by an the agreement signed between Zilla Security and our customers.

Additionally, our privacy policy is available here https://zillasecurity.com/terms-of-service/.