Google’s Next 18 Conference Slated To Spotlight Security
Google’s Cloud Next 2018 conference being held in San Francisco on July 24-26 plans to highlight its best cloud defenses and how to neutralize hacker-initiated malware. The two-factor authentication widget Titan, which is on top of the list for Google and it will be in the market by later this year. It consists of a pair of Bluetooth and USB key fobs. This is quite similar to the Google’s Advanced Protection Program, it will be available online so the user can buy to secure their Google account.
The two-factor authentication key follows the FIDO standards like YubiKeys, and every time Google will make sure the firmware of a key that is used to ensure it is legitimate. Google insists that its staff has used the gadget to log in to their work account, and not a single intrusion was reported last year.
Google hopes that its user will start using the multi-authentication feature because less than 10 percent of Gmail user is using this feature, though it was launched in their webmail way back 7-years.
Stina Ehrensvärd The founder of Yubico, which makes the YubiKey, in a blog post said her company welcomed the announcement, and that better security was good for all. But she questioned Google’s decision to include Bluetooth as well as a USB key.
“Google’s offering includes a Bluetooth (BLE) capable key,” she said. “While Yubico previously initiated development of a BLE security key, and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability, and durability. BLE does not provide the security assurance levels of the NFC and USB, and requires batteries and pairing that offer a poor user experience.”
A host of new cloud security features to come soon, and selected users of Google’s Cloud IAM, Cloud IAP and Cloud Identity services can try out the beta version of contextually adware security. This feature allows the admin to lock down accounts if it feels like someone is trying to break in. The beta version also comprises geolocation blocking in its Cloud Armor suite, which will stop overseas scammers from successfully logging in.
G Suite users will get access to a G Suite security center investigation tool. It’s also going to spin up Cloud HSMs – hardware security modules – so customers can “host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs.”
Those people who are using Kubernetes on the container front will be able to sign up for a beta of Google’s Binary Authorization system, which relies on a digital signature. They will also be on Container Registry Vulnerability Scanning facility to find exploitable flaws in Ubuntu, Debian, and Alpine.