Google’s Advanced Protection Program For Cloud Services Released As Beta
As the cloud-service industry’s competition heats up, Google is enhancing its current web services with Advanced Protection, a new way for the search giant to harden its infrastructure from online threats. Google cloud is facing an uphill competition against Amazon, Microsoft and other smaller players in the cloud-storage/cloud-computing space, and the company’s drive towards security is a key to expand its market share. With Advanced Protection program, Google wishes to secure the most vulnerable industries that use its services, more particularly the financial sector, public sector, and executive-level users.
At the moment, Advanced Protection has deployed in all enterprise Google services such as corporate Gmail and Google Docs as a beta program with a FIDO security key only. The side effect with this chance once this becomes stable is the lack of third-party app compatibility. With Advanced Protection, 3rd party apps that do not pass the curation of Google will not be able to connect, useful for securing a corporate computer installation when used in combination with a security key. In related news, the security key that is required for Advanced Protection becomes available for countries outside the United States.
“Google’s Advanced Protection Program helps safeguard the personal Google Accounts of anyone at risk of targeted online attacks. We are now introducing the Advanced Protection Program to G Suite, Google Cloud Platform (GCP) and Cloud Identity customers. Enterprise admins can allow their users most at risk of targeted attacks to enroll into the program,” explained Karthik Lakshminarayanan, Director for Product Management.
As of this writing, anyone who wishes the Google-issued security key can buy one from the Google Store for the following territories: France, United Kingdom, Canada, and Japan. Google wish not to create a walled-garden with Advanced Protection, as other security keys that competes against Titan Security Keys are supported as long as it follows the FIDO protocol.
“Titan Security Keys can be used anywhere FIDO security keys are supported, including Google’s Advanced Protection Program. Staying on top of activity that impacts the organization’s security is top of mind for most admins. Starting today, G Suite Enterprise admins can now automatically receive anomalous activity alerts in the G Suite alert center,” added Lakshminarayanan.
Google promises to take advantage of machine-learning technologies in order to secure their corporate users, it is still in its infancy though so this feature is considered as not yet stable. “Our machine learnings models analyze security signals within Google Drive to detect potential security risks such as data exfiltration or policy violations related to unusual external file sharing and download behavior. Anomaly detection is available in beta for G Suite Enterprise and G Suite Enterprise for Education customers,” said Lakshminarayanan.
The search giant is committed to improving their SaaS (Software-as-a-Service) offerings to better compete, most especially against Microsoft Office 365 apps. The company sees the single sign-on benefits provided by a Google account for end-users, simplifying login without compromising security. “Creating environments that are secure—and keeping them that way—is critical for organizations that run in the cloud. These new features will help strengthen protection and securely enable cloud workloads and business processes,” concluded Lakshminarayanan.
Julia Sowells946 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.