G Suite now offers enhanced security for high-risk users

Mandatory FIDO keys and auto-blocking of third-party apps comprise the tougher standards

Google HQ

Google has extended its advanced security programme to enterprise customers using its G Suite, Google Cloud Platform (GCP) and Cloud Identity products, giving IT administrators the ability to set stronger internal controls.

Organisations can enrol senior executives and those employees at high-risk of cyber attacks into Google's Advanced Protection Program (APP), which will bring their level of security up to the standards of Google's own employees.

Within the next few days, IT administrators can select the members of their organisation who they assess as needing stronger protections, and Google will automatically apply a set of stricter cyber security policies to their activities.

There are several changes to how those enrolled in the programme can access Google's products, including enforced FIDO keys, blocking access to non-trusted third-party apps automatically, and enhanced scanning of incoming emails.

These changes will come alongside making Titan security keys, Google's own FIDO key, available for purchase in Japan, Canada, France and the UK, as well as using machine learning to improve security alerts for IT administrators.

The use of such FIDO keys will be mandatory for those enrolled in the advanced security programme, meaning access to critical Google apps may be disrupted for users without them. Third-party apps will also be automatically blocked for APP users unless explicitly whitelisted.

The use of machine learning, meanwhile, will be directed towards analysing activity within the G Suite to detect unusual behaviour. In practical terms, IT administrators signed up to the service will receive a stream of anomalous activity alerts on a security dashboard.

This raft of added security protections will bolster the security across organisations signed up to Google's enterprise products by both demanding more of high-risk employees and adding more robust provisions.

However, the majority of these practices can be seen as essential for good cyber security hygiene, regardless, and raise the question as to why they haven't been introduced to customers up to now. It's especially pertinent given Google employees have adhered to the APP regime since it was launched two years ago.

Google, at the time of launch, restricted the APP to those at elevated risk of attack and who are also "willing to trade off a bit of convenience for more protection".

There is now, however, no stopping IT administrators from now enrolling their entire organisation to the programme should they deem it the best defence against cyber threats.

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Most Popular

Star Alliance passenger data stolen in SITA data breach
data breaches

Star Alliance passenger data stolen in SITA data breach

5 Mar 2021
I went shopping at Amazon’s till-less supermarket so that you don’t have to
automation

I went shopping at Amazon’s till-less supermarket so that you don’t have to

5 Mar 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021