G Suite now offers enhanced security for high-risk users
Mandatory FIDO keys and auto-blocking of third-party apps comprise the tougher standards
Google has extended its advanced security programme to enterprise customers using its G Suite, Google Cloud Platform (GCP) and Cloud Identity products, giving IT administrators the ability to set stronger internal controls.
Organisations can enrol senior executives and those employees at high-risk of cyber attacks into Google's Advanced Protection Program (APP), which will bring their level of security up to the standards of Google's own employees.
Within the next few days, IT administrators can select the members of their organisation who they assess as needing stronger protections, and Google will automatically apply a set of stricter cyber security policies to their activities.
There are several changes to how those enrolled in the programme can access Google's products, including enforced FIDO keys, blocking access to non-trusted third-party apps automatically, and enhanced scanning of incoming emails.
These changes will come alongside making Titan security keys, Google's own FIDO key, available for purchase in Japan, Canada, France and the UK, as well as using machine learning to improve security alerts for IT administrators.
The use of such FIDO keys will be mandatory for those enrolled in the advanced security programme, meaning access to critical Google apps may be disrupted for users without them. Third-party apps will also be automatically blocked for APP users unless explicitly whitelisted.
The use of machine learning, meanwhile, will be directed towards analysing activity within the G Suite to detect unusual behaviour. In practical terms, IT administrators signed up to the service will receive a stream of anomalous activity alerts on a security dashboard.
This raft of added security protections will bolster the security across organisations signed up to Google's enterprise products by both demanding more of high-risk employees and adding more robust provisions.
However, the majority of these practices can be seen as essential for good cyber security hygiene, regardless, and raise the question as to why they haven't been introduced to customers up to now. It's especially pertinent given Google employees have adhered to the APP regime since it was launched two years ago.
Google, at the time of launch, restricted the APP to those at elevated risk of attack and who are also "willing to trade off a bit of convenience for more protection".
There is now, however, no stopping IT administrators from now enrolling their entire organisation to the programme should they deem it the best defence against cyber threats.