Google boosts security features for G Suite and Google Cloud

22 Mar 2018

Google Cloud app on mobile. Image: oland/Shutterstock

With data breaches becoming increasingly common, Google wants to assure its enterprise cloud customers that their data is safe.

Google recently announced a number of new security features for Google Cloud Platform (GCP) and G Suite to provide sturdier security for organisations and businesses alike.

In years past, many enterprises and organisations previously held concerns about how secure their data would be in the cloud, and this often caused them to drag their feet when it came to cloud storage adoption.

In the more recent past, a myriad of inadvertent data exposure incidents involving cloud storage have left some people spooked as to the safety of their confidential data.

While the data leaks from unsecured storage may not always be down to direct attacks, they are massive exposures that are often caused by errors in establishing the system in the first place.

Protections for the cloud

The VPC Service Controls tool will serve as protection for API-based services and is essentially an additional security layer for GCP.

Vice-president for security and privacy at Google, Gerhard Eschelbeck, explained: “Imagine constructing an invisible border around everything in an app that prevents its data from escaping, and having the power to set up, reconfigure and tear down these virtual perimeters at will.”

Cloud Armor is a new DDoS and application defence service that provides Google’s Load Balancing Service and IP whitelisting and blacklisting tools.

Google also launched its Cloud Security Command Center, which will give organisations a closer look at their security levels across GCP services from App Engine to Cloud Storage. It will scan for attack threats and ensure that unusual alterations of an enterprise’s security settings are flagged. Google will be working with vendors such as Cloudflare and CrowdStrike to detect DDoS attacks and other dangers.

GCP also added updates to the Data Loss Prevention API and new tools for resource management.

G Suite updates to reduce phishing risk

In terms of G Suite, Google now flags emails from untrusted senders with encrypted attachments or embedded scripts by default, and will also note emails that spoof names and expand URLs to look for malicious links.

This aims to reduce spear-phishing and general phishing attacks and, by extension, lower the frequency of email compromises.

There are also new additional security features for Team Drives in Google Drive and more controls for team members who use G Suite on mobile devices.

All in all, the updates show that Google is continuing to prioritise security for its enterprise users.

Google Cloud app on mobile. Image: oland/Shutterstock

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com