Security Tools to Protect Google Cloud Platform and G Suite against Phishing, Malware, DDoS Attacks

Google added more than 20 new security features for both the Google Cloud Platform and G Suite that target to give enterprises more control over their security environment. On the Google Cloud Platform side, the tech giant unveiled VPC (Virtual Private Cloud) Service Controls. Currently in alpha, the controls function like a firewall for API-based services on GCP, preventing data exfiltration in the event of a security breach.

"Imagine constructing an invisible border around everything in an app that prevents its data from escaping, and having the power to set up, reconfigure and tear down these virtual perimeters at will," said Google's VP for security and privacy, Gerhard Eschelbeck, in a blog post.

Google is also launching its Cloud Security Command Center tool that the company said gives enterprises deeper insights into the health of their data security across Google Cloud services. Its primary function is to help businesses gather data, identify threats, and act on threats before data is compromised or lost.

For additional risk assessment capabilities within Security Command Center, Google is partnering with Cloudflare, CrowdStrike, Dome9, RedLock, Palo Alto Networks, and Qualys to pull in additional security data that will help detect DDoS attacks, compliance violations, network intrusions and other threats.

Google is going even further on the DDoS and application defence front with the launch of Cloud Armor. The new service offers IP whitelisting and blacklisting tools and integrates with Google's Cloud HTTP(S) Load Balancing service.

G Suite now empowered with anti-phishing capabilities
As for G Suite, the primary attraction is its new anti-phishing capabilities. Google said it has added machine learning to its threat indicators to automatically flag suspicious emails that have encrypted attachments or embedded scripts. At the same time, updated phishing security controls can now be configured to automatically switch on the most recent defences recommended by Google.
These new default-on protections can:

• Automatically flag emails from untrusted senders that have encrypted attachments or embedded scripts.
• Warn against email that tries to spoof employee names or that comes from a domain that looks similar to your own domain.
• Offer enhanced protections against spear phishing attacks by flagging unauthenticated email.
• Scan images for phishing indicators and expand shortened URLs to uncover malicious links. 

With the protections in place, most of the Business Email Compromise (BEC) scenarios or someone impersonating an executive to get sensitive information scenario, are/is handled by either automatically moving mails to the spam folder or flagging mails with anomaly warnings to users.

 

More control over mobiles with default-on device management
Securing endpoints like mobile devices is one of the best ways for enterprises to keep data safe. More than 7 million devices are already managed with G Suite enterprise-grade mobile management solution. Google also announced that mobile devices that access G Suite will have new proactive security settings automatically enabled. Meanwhile, the recently released security center for G Suite is getting a few upgrades, including new security and mobile management charts.
This means employees don’t have to install profiles on iOS and Android devices. It also implies admins get added security management controls to help them:

• See which devices access corporate data in a single dashboard.
• Enforce pass codes and erase confidential data with selective account wipe for Android and iOS.
• Automatically protect Android and iOS devices, with no user intervention or device profile required.

And you may have noticed Google launched updates to Cloud Identity, a way for enterprises to manage users, apps and devices centrally. Cloud Identity includes user lifecycle management, account security, SSO, robust device and app management and unified reporting.

Offering more visibility and insights to stay ahead of potential threats
IT admins who operate in the cloud seek tools, visibility and assistive insights to stop threats or gaps in operations before they become security incidents. This is why Google introduced the security center for G Suite earlier this year. The security center is a tool that brings together security analytics, actionable insights and best practice recommendations from Google to help you protect your organization, data and users.
Additions to the security center for G Suite include:

• New security charts to show OAuth activity and Business Email Compromise (BEC) scam threats that are specifically focused on phishing emails that may not have links.
• New mobile management charts to help IT admins examine activity analytics and show when devices have been hijacked, rooted or jailbroken, as well as when other suspicious device activity has been detected.
• Ways to reorganize the dashboard to focus on what is most important to your organization.
• Ways to analyze your organization’s security health, get custom advice on security key deployment and protection against phishing scams.

 

Providing built-in protections and controls for Team Drives
Enterprises share and store an enormous amount of content, which means admins need more controls to keep this data protected. That’s why Google is enhancing Team Drives with new security controls to give you more ways to safeguard highly-sensitive content. Now, your data can be protected by Information Rights Management (IRM) controls so you can feel confident that your company’s ideas stay with you and are secure.
Specific updates include the ability to modify settings for Team Drives to:

• Limit file access privileges to Team Drives members, or only to users within your domain.
• Add IRM controls to prevent users from printing, downloading and copying files within Team Drives.

These new security features for Team Drives will roll out over the next few weeks.

Phishing, Malware and mobile management controls are available now across all G Suite versions, and you’ll be able to use Team Drives controls in the coming weeks. If you’re a G Suite Enterprise customer, you can access the security center in the Admin console.

Google wants its customers to know that it's emphasizing products that protect an organization's sensitive data and assets. The tech giant has in the past rolled out advanced phishing detection through machine learning and tools to prevent data leakage via DLP for Google Drive.

Last July, the company introduced a feature for G Suite that enabled organizations to limit which third-party apps could gain access to its users' data. Before the feature launched, however, Gmail users were hit by a phishing attack that abused Google's OAuth login page where third-party apps requested access to different permissions in Gmail. After the incident, among other steps it took, Google slowed down the process for publishing web apps. The feature prompted admins to create a list of pre-approved apps with OAuth apps whitelisting, which allowed users to grant access to personal G Suite data to any of the apps on the whitelist. Why wait… get started.