Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/25/2018
04:30 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Google Adds Security Features to Gmail Face-lift

A redesigned Gmail brings new security measures to improve data protection and applications for artificial intelligence.

Google today announced a wave of G Suite updates, most of which focus on Gmail. The email service is getting a new Web look, advanced security features, artificial intelligence applications, further integrations with apps across G Suite, and management changes in Tasks.

"This week's [changes] are about giving users more agency in the cloud," explains Suzanne Frey, Google's director of security, trust, privacy, and compliance.

One of the new features is Gmail confidential mode, which lets users protect sensitive content by creating expiration dates or revoking previously sent emails.

"These are additional controls available on an email-by-email basis," she continues, noting that emails can be revoked even after they're viewed. "Think of it like a Drive file. If you share a Drive file with someone and remove access for them, it works in the same way."

Users can also require recipients to provide additional authentication to view messages, which makes it possible to protect data even if a recipient's email account has been hijacked and the message hasn't been deleted. Even if an account has been hijacked, an attacker would have to have access to the victim's phone and mobile password to view the SMS and open the email.

Google is also introducing built-in information rights management controls so users can remove the option for recipients to download, copy, forward, or print emails, decreasing the risk of messages being shared to third parties.

Security alerts also have been redesigned to be larger and bolder, with simpler messaging so users understand when an email has been flagged or a security threat is imminent.

Users will be able to access these new email security capabilities by clicking the padlock icon on the bottom of their email screens. The security advancements announced today will eventually be available to G Suite users and consumers. Right now, access is limited to enterprise users in the early adopter program; Frey says general availability will start in the coming weeks.

The Gmail update includes new artificial intelligence applications, including Nudging, Smart Reply, and high-priority notifications. Nudging reminds users to follow up and respond to messages, and Smart Reply, a feature released in May 2017 to suggest quick email responses, is arriving on the Web in addition to mobile. Smartphone users can also enable high-priority notifications on Gmail so they are only alerted to important messages.

Today's security updates build on those from last month, when Google rolled out phishing protections designed to prevent business email compromise (BEC), a growing enterprise threat, by warning users of potential attacks or automatically moving messages to the spam folder.

Those capabilities have driven an increase in Google's security data, which it in turn can use to improve defenses, Frey says. "The more signals we get, the more signals spam and phishing protection gets." Now, she reports, 99% of BEC scenarios are automatically moved to spam.

Back in January, Google launched the Security Center for G Suite Enterprise with the intention of giving admins a central dashboard to view data and gauge their security posture. The center provides detailed metrics for employees' devices; for example, the types of phishing emails received and who is receiving the most. Admins can also view guidance for managing devices.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for a two-day Cybersecurity Crash Course at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the agenda here. Register with Promo Code DR200 and save $200.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
shopicsoe
50%
50%
shopicsoe,
User Rank: Apprentice
11/2/2018 | 7:31:43 AM
Re: No nudging, please!
I have an HP printer and Windows 8. I ended up with a print job that wouldn't delete. I tried your fix for win 8 but access was denied. I finally found this little download from HP Photosmart printers which did the trick. If you don't trust the link just go to the HP printer support for your version. 
jackdenial
50%
50%
jackdenial,
User Rank: Apprentice
10/15/2018 | 4:06:14 AM
Google Adds Security Features to Gmail Face-lift
I like this feature of Google Adds Security in Gmail account. With the help of this feature, we can protect our data and these features are also great like amazing Web look, advanced security features, and management changes in Tasks. I didn't Recover Gmail Password then I checked my mail for reset Gmail password link and recover my password. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:41:58 PM
G-suite
Security Center for G Suite Enterprise with the intention of giving admins a central dashboard to view data and gauge their security posture. G-suite admin dashboard helps a lot, they play catch up with Microsoft.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:34:36 PM
AI?
The Gmail update includes new artificial intelligence applications, including Nudging, Smart Reply, and high-priority notifications These are less AI realated more algorithms designed to achive that.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:33:02 PM
Re: No nudging, please!
Yes, this may be a problem if users do not have enough control over these settings.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:31:44 PM
expiration
One of the new features is Gmail confidential mode, which lets users protect sensitive content by creating expiration dates or revoking previously sent emails. This is really big when it comes to g-suite vs. outlook in the enterprises.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
4/26/2018 | 5:29:34 AM
No nudging, please!
> Nudging reminds users to follow up and respond to messages

Great. As if I'm not hounded enough by PR people... ;)
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15208
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can ...
CVE-2020-15209
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one....
CVE-2020-15210
PUBLISHED: 2020-09-25
In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and ...
CVE-2020-15211
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices f...
CVE-2020-15212
PUBLISHED: 2020-09-25
In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write to outside of `outpu...