By vendor · Productivity / email / identity
Google Workspace (Education, Enterprise, public sector)
Google Workspace is the productivity stack at a meaningful subset of smaller municipalities and at most K-12 districts that share municipal IT.
Reporting path
- Open a P1 case at https://support.google.com/a — escalate via your reseller or partner if no response within four hours.
- Use Workspace's Investigation Tool to scope the compromise yourself; export findings as evidence.
- Notify your municipal cyber-insurance carrier in parallel.
Contract clauses to read first
- Confirm the Google Cloud Data Processing and Security Terms apply to your tenant.
- Enforce 2-Step Verification for all admin and finance accounts; require security keys for super-admins.
- Configure Workspace audit log retention and exports.
Known incident pattern
Customer-side compromises (OAuth phishing, password-reuse on personal Gmail) are the dominant municipal vector. Google itself has had a strong public-cloud record but customers must own the identity layer.
Descriptive reference only. Google Workspace (Education, Enterprise, public sector) is a trademark of its owner. No affiliation or endorsement is implied.