Google Workspace Adds New Phishing Protection, Client-side Encryption

Google Workspace (formerly G Suite) has been updated with client-side encryption and new Google Drive phishing and malware content protection.

These new additions are part of a broader effort focused on more robust data security and follow the release of Safe Browsing, a blocklist service that protects billions of devices and users of Chrome, Android, and Gmail.

Google has also recently turned on HTTPS by default for Chrome users and started marking all HTTP sites as “Not Secure” in Chrome, with the release of Chrome 68 in July 2018.

Client-side encryption for greater security and privacy

“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities,” Google said.

“We’re taking this a step further by giving customers direct control of encryption keys and the identity service they choose to access those keys.”

Enabling Client-side encryption for a document will only allow you and your partner who holds the key to access the contents of the encrypted Google Workspace files.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

This makes it especially valuable to orgs storing sensitive or regulated data (e.g., intellectual property, healthcare records, or financial data).

“We’ll be rolling out a beta for Client-side encryption in the coming weeks for Google Workspace Enterprise Plus and Google Workspace Education Plus customers.,” Google said.

While initially rolling out to Google Drive, Docs, Sheets, and Slides, Client-side encryption will also be available across Google Workspace, including Gmail, Meet, and Calendar.

If you are interested in testing it as soon as it’s available, you can sign up right now for the beta if you’re an Enterprise Plus or Education Plus customer.

To enable Client-side encryption, you have to choose one of the pre-defined key access service partners (i.e., Flowcrypt, Futurex, Thales, or Virtru) for key management and access control capabilities.

You can also build or integrate your own in-house Client-side encryption key service using the key access service API specifications Google will publish later this year.

New phishing and malware protection within orgs

“Every Google Workspace customer already benefits from the built-in protections in Google Drive that help block phishing and malware content from external users and organizations,” Google added.

“In the coming weeks, we’ll be taking this a step further by enabling all Google Workspace admins to implement this protection for content within their organizations, helping to safeguard against insider threats and user error.”

In enterprise environments where these new Google Drive protections are enabled, all suspicious files are automatically tagged and will only remain visible to their owners and the org admins.

Also Read: Data Protection Officer Singapore | 10 FAQs

As a direct result, potentially malicious documents will no longer be shared within the organization, thus drastically reducing the number of users impacted in malicious attacks abusing Google Drive for phishing and malware delivery.

Google Workspace was also updated with enhanced data loss prevention and classification with Drive labels and additional control over secure collaboration in Google Driver using trust rules.