Directory
Directory and administrator accounts
Google Workspace Compliance Monitoring
Evaluate identity, Gmail, Drive, Calendar, application access and data-sharing controls from a single platform.
What we assess
89 checks across 10+ Workspace security areas
Directory and administrator accounts
Gmail security and authentication
Drive and Docs sharing
Calendar access controls
Google Chat and Groups
OAuth and third-party applications
Session and sign-in security
DLP and security reporting
Suspicious activity rules
Automation coverage
We separate what the CIS benchmark labels automated from what public APIs can reliably return today.
We never mark an environment compliant when the required configuration cannot be reliably retrieved. Unsupported or incomplete evidence is reported as Unknown, not Passed.
What you receive
All required conditions were verified.
At least one required condition was not met.
The control is outside the documented scope.
Data or permission was insufficient — the result was not guessed.
Example findings
Only 1 Super Admin account detected. Recommended minimum: 2.
37 files are accessible outside the organization.
12 applications have access to sensitive Google Workspace scopes.
18 of 240 users are not enrolled in 2-Step Verification.
Example findings shown for demonstration purposes.
How it works
Authorize read-only access using delegated OAuth or service credentials.
Trusteed collects configuration, identity, policy and activity evidence from the connected environment.
Review prioritized findings, evidence and remediation steps from a single dashboard.
Framework mapping
One technical check. Multiple compliance frameworks.
Secure by design
Domain-wide delegation is used only for controls requiring per-user Gmail, Calendar or Drive evidence.
Benchmark reference
Connect read-only access, run the full control set, and get evidence-backed results — Compliant, Non-compliant, Not applicable, or Unknown.