Google Groups access permissions and security
When setting up Google groups it is important to ensure that they are correctly configured if access to the group and the group’s posts and conversations is to be restricted to only group members. If a group’s permissions are incorrectly configured then the group can potentially be accessed by all Norfolk NSIX users.
If you are the owner of any Google Groups you should check that you have configured the permissions correctly.
‘Organisation Members’ Permissions: When setting group permissions it is important to understand that ‘Organisation members’ or ‘Entire Organisation’ means all NSIX account holders across all Norfolk schools which have Google NSIX accounts. Unless intended, groups should not include ‘Entire organisation’ or ‘Organisation members’ in the group permissions settings.
New Group – Basic Permissions
When setting up a new group, certain basic permissions are allocated default settings. In most cases these will be the settings you require and will ensure that only group members have access to the group and can view conversations and post to the group.
Who can search for the group
By default all new groups will be set up with ‘Who can search for the group’ set to ‘Group members’ only, rather than ‘Organisation members’. This means that if an NSIX user searches for the group within the Google Groups application, they will only be able to view it if they are a member.
When viewing the security settings for an existing group this setting is referred to as ‘Who can see the group’. Group owners and managers have the ability to update this setting and hide or show the groups they own in the Groups directory.
Google groups access outside NSIX
Google groups created by our Google NSIX accounts can not be searched for or viewed by users outside the NSIX organisation. Only logged on NSIX users who have permission to view the group can search and view these groups.
Join the group – if this is a closed group then this should be set to ‘Only invited users’ so that only group owners or managers can invite specific group members.
Who can view conversations – It is important that this is always set to ‘Group members’ and not ‘Entire organisation’ to ensure that no one outside the group members can access group content.
Who can post – Normally a group would only require ‘Group members’ to have permission to post to the group.
Who can view members – This is normally set to ‘Group members’ unless you want to restrict this to only managers or owners of the group.
Existing Groups – Checking Permissions
To ensure that all the groups that you own or manage have been correctly configured:
View all the groups which you are a member of via the Google Groups application: https://groups.google.com/
Click ‘My Groups’
If you are a manager or owner of a group then you will see the cog symbol to the right of the row which enables you to access the ‘Group settings’.
Click on the cog and this will open the group settings page.
All group access and security settings can be reviewed on this page.