Advanced Protection changes your relationship with the administrators (Google). But for GSuite the administrators are some other member of your organisation, so Google can't make a web page that changes that relationship.
If your company decides that the New York employee named "Steve Smith" and the London employee "Stephen Smith" are the same person, and either should be able to request account password reset for [email protected], both of these chaps are going to have a bad time. Google can _tell_ them this is a terrible idea, but GSuite is a company product, so ultimately it's their terrible idea if that's what they want to do.
The _technical_ features of Advanced Protection seem to be mostly: Use FIDO Security Keys (U2F/ WebAuthn), disable stuff we know is useful but insecure. You can opt into those technical changes for your GSuite, either for everybody or a selected group e.g. "Company Security Nerds" or "Executive Level Employees" or "Everybody except Pamela. Damn it Pamela". But the non-technical feature is hard and probably just not replicable at all.
Yes essentially the issue is that it's possible to permanently and irrecoverably lose access to your account with the Advanced Protection program enabled. But that clearly wouldn't work when your account admin can just reset things.
So you can have an equivalent set of options configured, but it isn't exactly the same.
I’m interested in Advanced Protection for my work account - Can I enroll a G Suite Account in Advanced Protection?
With the help of your Administrator, it’s possible to replicate the features of Advanced Protection on a G Suite account. Take a look at this help center article to get started.
I’m interested in Advanced Protection for my work account - Can I enroll a G Suite Account in Advanced Protection?
With the help of your Administrator, it’s possible to replicate the features of Advanced Protection on a G Suite account. Take a look at this help center article to get started.
