The US Cybersecurity and Infrastructure Security Agency (CISA) unveiled draft guidance and capabilities to ensure the secure utilization of Google Workspace (GWS) services by federal agencies. The proposed Secure Cloud Business Applications (SCuBA) configuration baselines cover nine GWS services, including Calendar, Chat, Drive, Gmail, Meet, and others. Agencies are urged to adopt these baselines, tailor them to their specific needs, and provide feedback during the public comment period ending on January 12, 2024. CISA also introduced ScubaGoggles, an assessment tool designed to verify GWS configurations align with SCuBA baseline policies. As these tools are still in development, CISA seeks public input to enhance security in line with evolving technologies and cybersecurity threats. These baselines aim to minimize misconfigurations, enhance data protection, and fortify overall cybersecurity resilience for federal agencies leveraging GWS services, mirroring CISA’s prior efforts with Microsoft 365 baselines. The finalized GWS baselines are anticipated to roll out early in 2024, following the feedback and development process.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.