Google is actively pushing for privacy and data security for Google Workspace users. The G-Suite evolution now includes client-side encryption and new Google Drive phishing and malware content protection.
Following the release of the Safe Browsing initiative, Google has stepped on the gas with privacy and security aspects for online activities. Safe Browsing is a blocklist service that attempts to Chrome, Android, and Gmail users.
New phishing and malware protection available to all Google Workspace customers:
“Every Google Workspace customer already benefits from the built-in protections in Google Drive that help block phishing and malware content from external users and organizations,” claims Google. Moving ahead, all Google Workspace admins can implement this protection for content within their organizations.
These steps will work to proactively shield users from threats that originate from inside as well as through user error. Simply put, Google will scan all “suspicious” files and tag them. This automated tagging system will ensure suspicious files are visible only to their owners and administrators in the organization.
— Stetson Cybergroup (@StetsonCG) June 15, 2021
Such protection measures can ensure potentially malicious documents do not circulate within the organization. As a direct result, these steps could significantly bring down the number of infections. Malware or viruses that abuse Google Drive for phishing and malware delivery should also have a very limited scope.
Additionally, the new update also brings with it enhanced data loss prevention and classification with Drive labels. Moreover, Google is also offering additional control over secure collaboration in Google Driver using trust rules.
Google enables “blind” client-side encryption for greater security and privacy:
“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities,” claimed Google. “We’re taking this a step further by giving customers direct control of encryption keys and the identity service they choose to access those keys,” announced the search giant.
The feature will essentially grant the decryption keys only to the creator and the person that has the authorization to view the document. This also means that no one, not even Google, has access to the contents of the documents.
— Moore Tech Solutions (@Mooretech) June 15, 2021
Needless to mention, such a feature will be invaluable to companies that work and store sensitive or regulated data. Such documents could include intellectual property, healthcare records, financial data, etc.
Google Workspace Enterprise Plus and Google Workspace Education Plus customers will gain the client-side encryption feature in the next few weeks, indicated Google. The feature is already available for testing.
Incidentally, the Google Workspace ecosystem, which includes Gmail, Meet, and Calendar, should also receive the feature in the future.