Google Cloud is getting a few new capabilities and updates intended to secure data in the cloud, alert administrators to cloud-based threats, and protect users from targeted attacks.
Google is bringing its Advanced Protection Platform, designed to boost security for high-risk individuals, to G Suite, Google Cloud, and Cloud Identity customers. Businesses can opt to enroll users at greatest risk for targeted attacks — for example, C-level execs, IT administrators, and employees in industries like finance or government, which are typically more security-sensitive.
For these employees, Google enforces an extra set of security policies. The program automatically blocks access to third-party apps not verified by the company and has more detailed scanning of incoming mail for phishing attacks or malware. Participants are also required to use a FIDO security key, or other compatible hardware, to block account takeover. Google says the Advanced Protection Program will be available in beta within the coming days.
On a related note, Google's Titan Security Key, which launched in the US last year, will be made available in Japan, Canada, France, and the United Kingdom on the Google Store starting today. The Titan key can be used on any device that supports FIDO security keys.
Starting today, anomaly detection will be available in beta for G Suite Enterprise and G Suite Enterprise for Education. G Suite Enterprise admins can automatically receive anomalous activity alerts in the G Suite alert center to learn about potential security risks, including data exfiltration or other policy violations related to suspicious external file sharing and downloads.
Support for password-vaulted apps will be generally available for Cloud Identity within the coming days. Cloud Identity and G Suite already allow single sign-on for apps using SAML and OIDC identity standards; now Google is bringing support for password-vaulted apps to Cloud Identity so businesses can continue supporting legacy apps that still require a username and password. The combination of standards-based and password-vaulted app support is intended to provide one-click access for users, as well as a single point of management and control for admins, Google officials explain in a blog post.