Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications.
SAML applications are third-party or internal applications that use the Security Assertion Markup Language (SAML) protocol to enable single sign-on (SSO) with Google Workspace credentials.
Google says this update introduces a default assignment that serves as a universal security baseline, automatically protecting any SAML-based application that does not have a specific policy already assigned.
By establishing this secure-by-default posture, IT teams can help protect internal data and third-party SaaS tools as new applications are integrated into their ecosystem.
“This global control significantly reduces the administrative burden of managing security for applications at scale. Instead of manually configuring rules for every individual SAML app, administrators can set a single policy to cover their entire environment,” the company wrote.
Admins must enable the feature manually, as it is turned off by default and can be configured at the organizational unit or group level. End users do not have access to the setting.
The rollout is available now for both Rapid Release and Scheduled Release domains, covering Enterprise Standard and Plus, Education Standard and Plus, Frontline Standard and Plus, Enterprise Essentials Plus, and Cloud Identity Premium editions.
