Google on Wednesday announced security updates to Google Cloud customers' control over their security in Google apps like Gmail, Calendar, Hangouts and Drive. Google states that many of the features turn on by default and users won't have to do anything to enable the new updates. Here's a look at what Google is adding and enhancing, taken from the Google blog post:
Google is applying machine learning to threat indicators and advancing models to identify what could be a phishing attack. Google says updated phishing security controls can be configured to automatically switch on Google-recommended defenses.
New default-on protections include:
- Automatically flag emails from untrusted senders that have encrypted attachments or embedded scripts.
- Warn against email that tries to spoof employee names or that comes from a domain that looks similar to your own domain.
- Offer enhanced protections against spear phishing attacks by flagging unauthenticated email.
- Scan images for phishing indicators and expand shortened URLs to uncover malicious links.
Google claims that with the protections in place, more than 99.9 percent of business email compromises (when someone impersonates an executive to get sensitive information) are either automatically moved to the spam folder or flagged with anomaly warnings to users.
More control over mobile devices
With Google's new default-on mobile management security settings, basic device management is automatically enabled for your mobile devices that access G Suite.
This means employees don't have to install profiles on iOS and Android devices and admins get added security management controls. These include:
- See which devices access corporate data in a single dashboard.
- Enforce pass codes and erase confidential data with selective account wipe for Android and iOS.
- Automatically protect Android and iOS devices, with no user intervention or device profile required.
Google also launched updates to Cloud Identity, a way for enterprises to manage users, apps and devices centrally. Cloud Identity includes user lifecycle management, account security, SSO, robust device and app management and unified reporting.
More visibility and insights
Google introduced the security center for G Suite earlier this year. Today, Google announced additions including:
- New security charts to show OAuth activity and Business Email Compromise (BEC) scam threats that are specifically focused on phishing emails that may not have links.
- New mobile management charts to help IT admins examine activity analytics and show when devices have been hijacked, rooted or jailbroken, as well as when other suspicious device activity has been detected.
- Ways to reorganize the dashboard to focus on what is most important to your organization.
- Ways to analyze your organization's security health and get custom advice on security key deployment and protection against phishing scams.
Built-in protections and controls for Team Drives
Google is giving Team Drives new security controls to safeguard highly-sensitive content. The data can now be protected by Information Rights Management (IRM) controls. Specific updates include the ability to modify settings for Team Drives to:
- Limit file access privileges to Team Drives members, or only to users within your domain.
- Add IRM controls to prevent users from printing, downloading and copying files within Team Drives.
These new security features for Team Drives will roll out over the next few weeks.
The newly announced phishing and mobile management controls are available now across all G Suite versions. Team Drives controls will roll out in the coming weeks.