We have been making improvements to the admin section of Google Analytics 360 Suite to fit the needs of modern enterprises. Recently, we made account recovery easier. Today, we’re pleased to announce another feature we’ve heard users ask for: User policies for your organization. User policies are a user management feature to help Google Analytics 360 Suite organization administrators to better control who has access to their corporate data.How user policies workAn organization’s user administrator can create a user policy specifying what users are allowed or disallowed to do within their organization’s Google Analytics accounts. For example:

• A domain may be entered to allow any users with email addresses on that domain
• A single user email may be entered to explicitly allow that user
• A single user email may be entered to explicitly disallow that user

Click image for full-sized version

Auditing policy violators Any user who violates the policy will be highlighted on the Suite Admin User’s report. We check both primary and secondary Google User Account email addresses when considering if a user passes a policy; if any email on the Google User Account account passes a policy rule, that user is considered to be allowed.Policy Auditing – note the red (!) icons next to policy violatorsAdding Users that Violate PolicyAt this time, we do not block the addition of policy violating users to suite products. Product account administrators may still add a user that violates the user policy, and that user will appear in the Audit report seen above with a red (!) icon. At a future time, we will allow policy administrators to choose to block violating users from being added.Posted by David Wieser, Google Analytics team