Endpoint

4/25/2018
04:30 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Google Adds Security Features to Gmail Face-lift

A redesigned Gmail brings new security measures to improve data protection and applications for artificial intelligence.

Google today announced a wave of G Suite updates, most of which focus on Gmail. The email service is getting a new Web look, advanced security features, artificial intelligence applications, further integrations with apps across G Suite, and management changes in Tasks.

"This week's [changes] are about giving users more agency in the cloud," explains Suzanne Frey, Google's director of security, trust, privacy, and compliance.

One of the new features is Gmail confidential mode, which lets users protect sensitive content by creating expiration dates or revoking previously sent emails.

"These are additional controls available on an email-by-email basis," she continues, noting that emails can be revoked even after they're viewed. "Think of it like a Drive file. If you share a Drive file with someone and remove access for them, it works in the same way."

Users can also require recipients to provide additional authentication to view messages, which makes it possible to protect data even if a recipient's email account has been hijacked and the message hasn't been deleted. Even if an account has been hijacked, an attacker would have to have access to the victim's phone and mobile password to view the SMS and open the email.

Google is also introducing built-in information rights management controls so users can remove the option for recipients to download, copy, forward, or print emails, decreasing the risk of messages being shared to third parties.

Security alerts also have been redesigned to be larger and bolder, with simpler messaging so users understand when an email has been flagged or a security threat is imminent.

Users will be able to access these new email security capabilities by clicking the padlock icon on the bottom of their email screens. The security advancements announced today will eventually be available to G Suite users and consumers. Right now, access is limited to enterprise users in the early adopter program; Frey says general availability will start in the coming weeks.

The Gmail update includes new artificial intelligence applications, including Nudging, Smart Reply, and high-priority notifications. Nudging reminds users to follow up and respond to messages, and Smart Reply, a feature released in May 2017 to suggest quick email responses, is arriving on the Web in addition to mobile. Smartphone users can also enable high-priority notifications on Gmail so they are only alerted to important messages.

Today's security updates build on those from last month, when Google rolled out phishing protections designed to prevent business email compromise (BEC), a growing enterprise threat, by warning users of potential attacks or automatically moving messages to the spam folder.

Those capabilities have driven an increase in Google's security data, which it in turn can use to improve defenses, Frey says. "The more signals we get, the more signals spam and phishing protection gets." Now, she reports, 99% of BEC scenarios are automatically moved to spam.

Back in January, Google launched the Security Center for G Suite Enterprise with the intention of giving admins a central dashboard to view data and gauge their security posture. The center provides detailed metrics for employees' devices; for example, the types of phishing emails received and who is receiving the most. Admins can also view guidance for managing devices.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for a two-day Cybersecurity Crash Course at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the agenda here. Register with Promo Code DR200 and save $200.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
shopicsoe
50%
50%
shopicsoe,
User Rank: Apprentice
11/2/2018 | 7:31:43 AM
Re: No nudging, please!
I have an HP printer and Windows 8. I ended up with a print job that wouldn't delete. I tried your fix for win 8 but access was denied. I finally found this little download from HP Photosmart printers which did the trick. If you don't trust the link just go to the HP printer support for your version. 
jackdenial
50%
50%
jackdenial,
User Rank: Apprentice
10/15/2018 | 4:06:14 AM
Google Adds Security Features to Gmail Face-lift
I like this feature of Google Adds Security in Gmail account. With the help of this feature, we can protect our data and these features are also great like amazing Web look, advanced security features, and management changes in Tasks. I didn't Recover Gmail Password then I checked my mail for reset Gmail password link and recover my password. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:41:58 PM
G-suite
Security Center for G Suite Enterprise with the intention of giving admins a central dashboard to view data and gauge their security posture. G-suite admin dashboard helps a lot, they play catch up with Microsoft.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:34:36 PM
AI?
The Gmail update includes new artificial intelligence applications, including Nudging, Smart Reply, and high-priority notifications These are less AI realated more algorithms designed to achive that.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:33:02 PM
Re: No nudging, please!
Yes, this may be a problem if users do not have enough control over these settings.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:31:44 PM
expiration
One of the new features is Gmail confidential mode, which lets users protect sensitive content by creating expiration dates or revoking previously sent emails. This is really big when it comes to g-suite vs. outlook in the enterprises.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
4/26/2018 | 5:29:34 AM
No nudging, please!
> Nudging reminds users to follow up and respond to messages

Great. As if I'm not hounded enough by PR people... ;)
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
Criminals Use Locally Connected Devices to Attack, Loot Banks
Jai Vijayan, Freelance writer,  12/7/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: So now we are monitoring the monitor?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20145
PUBLISHED: 2018-12-13
Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored.
CVE-2018-12076
PUBLISHED: 2018-12-13
A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure. The vulnerability is due to lack of proper validation of the UPC bar c...
CVE-2018-18922
PUBLISHED: 2018-12-13
add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/add_user.php POST request.
CVE-2018-18923
PUBLISHED: 2018-12-13
AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.
CVE-2018-19039
PUBLISHED: 2018-12-13
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.