IAM misconfigurations

User with a Gmail personal account

Risk Level

Informational (4)

Compliance Frameworks


Gmail accounts are personally created and managed. Organizations don't have control over them. It is best practice to use corporate email accounts.
  • Recommended Mitigation

    Use email accounts that are corporate for better visibility, audit and control over access to GCP resources.