Enhanced desktop security for Windows

As administrators, people can set up company-owned and personal Microsoft Windows devices to use Google’s single-sign on (SSO) access security, push Windows settings, and erase device data remotely. Enhanced desktop security for Windows has two complementary features that can be set up individually or together.

Google Credential Provider for Windows (GCPW)

Business organisations can let users sign in to a Windows 10 device using the provided Google account. They can also configure GCPW to the user’s Google account that syncs with their Active Directory or local Windows profiles. GCPW also provides the benefits mentioned below:

  • Additional security – users are offered the complete security benefits of their Google account on their Windows 10 device. These features include, anti-hijacking features like 2-step verification (2SV) and login challenges.
  • SSO experience – users can access the Google Workspace services and SSO apps in the Chrome browser without re-entering their Google credentials.
  • Password synchronization – business organisations can keep the users’ Google passwords in sync with their Windows passwords in the Admin console or with G Suite Password Sync.
  • Automatic enrollment in Windows device management– when business organisations use GCPW and Windows device management together, the devices are enrolled automatically in Windows device management when the user signs in through GCPW.


Only one user per device can enrol in Windows device management, even though business organisations can allow multiple accounts to sign in through GCPW. Due to a Microsoft limitation in Windows 10, when multiple users sign in through GCPW on the same device, the first user is enrolled in Windows device management. Their device-level settings (including Windows updates, admin privileges etc.) apply to all device users.

Windows device management

With the help of Windows device management, business organisations can configure and manage enrolled devices from the admin console.

Setting management

With setting management, business organisations can:

  • Set the users’ administrative permission level
  • Allow BitLocker encryption
  • Manage the automatic updates for Windows
  • Apply custom settings (they can block specific apps, disable USB drives, set the screen lock timeout, among others)

Device Management

With Device Management, business organisations can:

  • Erase data from a device
  • Get the details of the managed device
  • Sign out users from their Google Account
  • Audit the device system activity
  • Remove a device from Windows device management

Yuvraj kore

Welcome to our blog! My name is Yuvraj Kore, and I am a blogger who has been exploring the world of blogging since 2017. It all started back in 2014 when I attended a digital marketing program at college and learned about the intriguing world of blogging. As I started to learn more about blogging, I realized that this platform has immense potential to share ideas, experiences, and knowledge with the world. The more I dived into it, the more passionate I became about blogging. My passion for blogging was fueled by the mentorship and guidance of Akshay Sir from Goa, who was instrumental in teaching me the ropes of this exciting world. Under his guidance, I honed my blogging skills and gained valuable experience, which I am happy to share with my readers.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button