Making improvements to admin section of Google Analytics 360 Suite to best meet the needs of modern enterprises, a new user policies for organization is added on Tuesday—is a user management feature that enable administrators to better control access to their corporate data.
To make it work, a 360 Suite administrator, need to first create users' policy specifying what users are allowed or disallowed to do within their organization's Google Analytics accounts, for example: "A domain may be entered to allow any users with email addresses on that domain," or "A single user email may be entered to explicitly allow that user," or "A single user email may be entered to explicitly disallow that user," writes google.
For auditing policy violators, Google explains, both primary and secondary Google User Account email addresses are checked when considering if a user passes a policy. And, any user violating policy will be highlighted on the Suite Admin User's report. Once users who are violating policy are found, administrators can add those users and they will appear in the Audit report seen with a red (!) icon in the picture below:
For now, Google do not block the addition of policy violating users to suite products. But in future, Google said, "policy administrators will be able to choose to block violating users from being added."