Secure your Google Admin account with these best practices
Instead of taking my advice, take it directly from Google. I decided to repost the entire thing below for reference…so I don't have to keep retyping the same thing over and over or go looking for the link to forward to you. https://support.google.com/a/answer/9011373
And please reread the last line twice: Daily administrative tasks should be done using an account with limited admin roles. Super admins should sign in as needed to do specific tasks and then sign out. Staying signed in to a super admin account when not performing specific administrative tasks can increase exposure to malicious activity.
So can you see that there are reasons for not using your personal login as the Super User? (don’t start your online business using your personal email)
Here are a few access control and security features Google recommends to keep your Google Admin account secure:
- Require admins and key users to provide additional proof of who they are
- We recommend that everyone in your business use 2-Step Verification (2SV), but it’s especially important for admins and users who work with sensitive data such as financial records and employee information. If someone steals a password, 2SV can prevent them from accessing your account. With 2SV, users need to verify their identity through something they know (their password) plus something they have (such as a physical key or access code). You should enforce 2SV for admins and key users, where possible with a FIDO compliant security key.
- Create an additional super admin account
- A business should have more than one super admin account, each managed by a different person. If your primary super admin account is lost or compromised, the backup super admin can perform critical tasks while the primary account is recovered. You can create another super admin by assigning the super admin role to another user.
- Super admins shouldn’t remain signed in to their account
- Super admins should sign in as needed to do specific tasks and then sign out. Staying signed in to a super admin account when not performing specific administrative tasks can increase exposure to malicious activity. Daily administrative tasks should be done using an account with limited admin roles.
Sincerely,
The Google Team
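One way to check a domain against the first two recommendations above, as an added example that is not part of Google's text or the original post. It assumes user records exported from the Admin SDK Directory API (`users.list`); the sample records and the function name `audit_admins` are constructed for illustration.

```python
# Added example: audit user records for the 2SV and backup-super-admin
# recommendations. Field names (isAdmin, isDelegatedAdmin, isEnrolledIn2Sv,
# isEnforcedIn2Sv, suspended, primaryEmail) come from the Directory API
# users resource. isAdmin marks a super admin; isDelegatedAdmin marks an
# account holding a limited admin role.

# Constructed sample records; real ones would come from users.list.
SAMPLE_USERS = [
    {"primaryEmail": "owner@example.com", "isAdmin": True, "isDelegatedAdmin": False,
     "isEnrolledIn2Sv": True, "isEnforcedIn2Sv": True, "suspended": False},
    {"primaryEmail": "helpdesk@example.com", "isAdmin": False, "isDelegatedAdmin": True,
     "isEnrolledIn2Sv": False, "isEnforcedIn2Sv": False, "suspended": False},
    {"primaryEmail": "old-admin@example.com", "isAdmin": True, "isDelegatedAdmin": False,
     "isEnrolledIn2Sv": True, "isEnforcedIn2Sv": True, "suspended": True},
    {"primaryEmail": "staff@example.com", "isAdmin": False, "isDelegatedAdmin": False,
     "isEnrolledIn2Sv": False, "isEnforcedIn2Sv": False, "suspended": False},
]


def audit_admins(users):
    """Return a list of (code, detail) findings for admin accounts."""
    findings = []
    # A suspended super admin cannot act as the backup, so count active ones only.
    active = [u for u in users if not u.get("suspended", False)]
    supers = [u for u in active if u.get("isAdmin")]
    delegated = [u for u in active
                 if u.get("isDelegatedAdmin") and not u.get("isAdmin")]

    if len(supers) < 2:
        findings.append(("SUPER_ADMIN_COUNT",
                         f"{len(supers)} active super admin(s); a backup is needed"))

    for u in supers + delegated:
        role = "super admin" if u.get("isAdmin") else "delegated admin"
        who = f"{u['primaryEmail']} ({role})"
        if not u.get("isEnrolledIn2Sv"):
            findings.append(("2SV_NOT_ENROLLED", who))
        elif not u.get("isEnforcedIn2Sv"):
            # Enrolled voluntarily, but policy does not require it of this user.
            findings.append(("2SV_NOT_ENFORCED", who))
    return findings


if __name__ == "__main__":
    for code, detail in audit_admins(SAMPLE_USERS):
        print(f"{code}: {detail}")
```

These fields do not show which second factor an account uses, so whether an admin has a FIDO security key still has to be confirmed separately.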