Active security breach or incident? We provide urgent response support.Get Emergency Help Now →
CanadaSecure LogoCanadaSecure
Google Workspace · Free · 5 Minutes · No Admin Access Required

Find out where your Google Workspace is exposed.
Before an attacker does.

Answer 25 plain-language questions across 5 security vectors. Get a score out of 100, your weakest domain, and a concrete 30-day remediation plan.

25
Workspace-targeted questions
~5 min
Average completion time
5
Security vectors audited

What you get

A real diagnosis across 5 Google Workspace vectors

🎯
Score out of 100
Calculated across Identity, Drive, Gmail, App Integrations, and Device security.
⚠️
Weakest domain flagged
Your highest-risk vector identified with specific administrative gaps explained in plain English.
🔑
OAuth & shadow IT audit
Detect unvetted third-party apps with dangerous read/write access to your corporate Drive.
📅
30-day remediation plan
Step-by-step Google Admin console actions your team can implement without an IT manager.
📧
Gmail authentication review
SPF, DKIM, and DMARC coverage check — the foundation of email spoofing defence.
🔒
Fully confidential
No Workspace credentials required. Only your email and company name are stored.

Audit scope

The 5 Google Workspace vectors we audit

Canadian businesses using Google Workspace are often misconfigured by default. These are the attack surfaces we target.

Identity & Access (IAM)
MFA enforcement, admin account hygiene, inactive account audits, and session timeout policies.
Google Drive Data
Public link exposure, Shared Drive isolation, external collaborator offboarding, and download controls.
Gmail Protection
SPF, DKIM, DMARC records, lookalike domain alerts, and unauthorized forwarding rule prevention.
App Integrations (OAuth)
Shadow IT detection, Marketplace app allowlisting, and third-party API scope restrictions.
Device & Endpoints
MDM enforcement, BYOD sync restrictions, device inventory, and remote wipe readiness.
⚠️

Business Email Compromise (BEC) cost Canadian businesses over $68M in losses last year — most from misconfigured email authentication.

Source: Canadian Anti-Fraud Centre — Annual Report 2023

Who is it for?

Built for Canadian businesses running Google Workspace

Whether you have 5 or 250 staff, these gaps exist in your default configuration. No IT manager or admin credential required.

🏥
Medical & Dental Clinics
Patient charts in Drive — PHIPA breach risk from public links and unrevoked staff access
⚖️
Law & Accounting Firms
Client financials and wire instructions — prime BEC targets via spoofed Gmail domains
💻
SaaS & Tech Startups
Source code and IP in Drive — exposed by unvetted OAuth apps with full read/write access
🏢
Real Estate Offices
Transaction documents and client data — often shared via public links without expiry
📣
Marketing Agencies
Client brand assets and campaign data — exposed through broad external sharing settings
🎓
Schools & Non-profits
Staff and beneficiary records — frequently left in unprotected shared drives

Report preview

What you receive after your scan

A sample of the diagnostic output. You know exactly what you are getting before you start.

CanadaSecureWORKSPACE AUDIT

Maturity Report

Northside Dental Group · Ontario

44
/100
Silver Level

Moderate exposure — 3 critical vectors flagged

Identity & Access8/20
Google Drive Data10/20
Gmail Protection12/20
App Integrations6/20
Device & Endpoints8/20
Top Vulnerabilities Found
CRITICAL
MFA not enforced — staff using password only
All accounts accessible via password spray attacks
CRITICAL
Public Drive links active for patient intake forms
PHIPA breach — external users can access records
HIGH
DMARC policy missing on primary domain
Domain spoofing enables billing fraud emails
HIGH
7 unvetted OAuth apps with full Drive access
Shadow IT — no approval or audit trail on record
MEDIUM
No MDM enforced on 12 staff mobile devices
Corporate Drive accessible on unencrypted phones
+ 30-day remediation plan · DNS config guide · Admin console walkthrough

Pricing

Simple. No surprises.

Start with the free scan — then upgrade to a professional assessment for a full remediation plan and expert review call.

Free Diagnostic

Your instant security score — no commitment required.

$0free · CAD
  • Score out of 100
  • Maturity tier (Bronze / Silver / Gold)
  • Domain-level performance breakdown
  • Top risk indicators flagged

Essential Exposure Review

Your first honest look at where you stand.

$497one-time · CAD
  • External exposure review
  • Email security configuration check
  • Website and domain scan
  • Credential exposure check
  • Basic MFA and access hygiene review
  • Plain-language summary report
  • Top 3–5 prioritized fixes
  • 60-minute findings review call
Book Discovery Call
Best Value

Business Risk Assessment

For teams that need a complete picture of their cloud and process exposure.

$997one-time · CAD
  • Everything in Essential Exposure Review
  • Microsoft 365 / Google Workspace posture review
  • Internal access control review
  • Business process and phishing risk review
  • Detailed findings and remediation roadmap
  • Management-ready action plan
  • Assessment review session
Book Discovery Call

Continuous Assurance

Quarterly checks and priority advisory — stay ahead of new threats.

$199per month · CAD
  • Quarterly security posture check
  • Ongoing credential exposure monitoring
  • Priority incident advisory channel
  • Staff offboarding verification
  • Monthly threat briefing
  • 30-day response SLA
Book Discovery Call
All prices in CAD. Assessments completed remotely — no on-site visit required. Not sure which tier? Book a free discovery call and we'll help you decide.

FAQ

Everything you need to know

Ready to know where your Workspace is exposed?

It takes 5 minutes. No admin credentials required. The result could prevent your next breach.

Free · Confidential · No Workspace login required