New protections for users, data, and apps in the cloud
Director, Product Management, Google Workspace
Group Product Manager
At Google Cloud, we’re always looking to make advanced security easier for enterprises so they can stay focused on their core business. Already this year, we’ve worked to strengthen user protection, make threat defense more effective, and streamline security administration through a constant stream of new product releases and enhancements. We continue to push our pace of security innovation, and today at Google Cloud Next ‘19 Tokyo, we’re announcing four new capabilities to help customers protect their users, data, and applications in the cloud.
1. Bringing Advanced Protection Program to the enterprise
Google’s Advanced Protection Program helps safeguard the personal Google Accounts of anyone at risk of targeted online attacks. We are now introducing the Advanced Protection Program to G Suite, Google Cloud Platform (GCP) and Cloud Identity customers. Enterprise admins can allow their users most at risk of targeted attacks to enroll into the program. Examples of users who would benefit from the protections of the Advanced Protection Program include IT administrators, business executives, and employees in security-sensitive verticals such as finance and government.
With Advanced Protection Program for the enterprise, we’ll enforce a specific set of policies for the users you identify, including:
Enforcing the use of FIDO security keys, like Titan Security Keys, or compatible hardware from other vendors, to secure your account against phishing and account takeovers.
Automatically blocking access to third-party apps that your company has not explicitly marked as trusted.
Enabling enhanced scanning of incoming email for phishing attempts, viruses, and attachments for malicious content.
The beta for Advanced Protection Program for the enterprise will be rolling out in the coming days. Learn more.
2. Making Titan Security Keys available in Japan, Canada, France, and the UK
FIDO security keys provide the strongest protection against phishing, targeted attacks, and automated bots and other techniques that seek to compromise user credentials. Last year, Google launched our own Titan Security Keys with availability in the United States. Starting today, Titan Security Keys are also available on the Google Store in Canada, France, Japan, and the United Kingdom (UK).
Titan Security Keys can be used anywhere FIDO security keys are supported, including Google’s Advanced Protection Program. Learn more in our detailed blog post.
3. Using machine learning to detect anomalous activity in G Suite
Staying on top of activity that impacts the organization’s security is top of mind for most admins. Starting today, G Suite Enterprise admins can now automatically receive anomalous activity alerts in the G Suite alert center. Our machine learnings models analyze security signals within Google Drive to detect potential security risks such as data exfiltration or policy violations related to unusual external file sharing and download behavior.
Anomaly detection is available in beta for G Suite Enterprise and G Suite Enterprise for Education customers. Learn more.
4. Enabling one-click access to thousands of additional apps
As organizations expand their use of SaaS apps, they need to reduce friction for users while maintaining security. Cloud Identity and G Suite already enable single sign-on (SSO) for apps that use modern identity standards like SAML and OIDC, but just as important in meeting organizations where they are in their cloud journey is the ability to support legacy apps that still require a username and password to authenticate.
We’re pleased to announce that support for password vaulted apps will be generally available for Cloud Identity in the coming days. The combination of standards based- and password-vaulted app support will deliver one of the largest app catalogs in the industry, providing seamless one-click access for users and a single point of management, visibility, and control for admins.
Creating environments that are secure—and keeping them that way—is critical for organizations that run in the cloud. These new features will help strengthen protection and securely enable cloud workloads and business processes. If you are at Next Tokyo, learn more by checking out our security sessions. You can also watch our most recent round of Google Cloud Security Talks here, and register for our next round of security talks here.