Org Policy - Public Access Prevention

It is a best practice to enable this constraint at the top Organization Level. If projects need to override it, they can. But by default, you should restrict public access to buckets across the organization.