Back in early May, a widespread phishing scam started to spread among Gmail users. The email, which looked realistic to many users, had people grant OAuth access to a web application that was pretending to be Docs. Google quickly killed the web application, but it showed that the company needed to take additional steps to help protect its customers…

Today, Google announced on its blog that it will soon give G Suite customers the ability to whitelist specific OAuth applications. What this means is that the administrator of a company can now explicitly state which third-party web apps users can and cannot access.

This is just another step that Google is taking to help protect customers and their data. By giving G Suite admins this power, they don’t need to worry about a malicious application taking control of an employee’s Google account, stealing valuable company data, and spreading the attack to more people.

G Suite customers should see this new feature roll out to their Admin console in the next couple of days. Google has created a tutorial to help customers learn how to whitelist specific OAuth applications which can be found here.


Check out 9to5Google on YouTube for more news!

FTC: We use income earning auto affiliate links. More.


Check out 9to5Google on YouTube for more news:

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author