At the Tokyo edition of Cloud Next ’19, Google announced that the Advanced Protection Program is coming to Cloud enterprise customers. G Suite and GCP users can soon take advantage of the company’s most stringent security measures against phishing.
Launched in 2017, the Advanced Protection Program is designed for users “most at risk” of account takeovers and other targeted online attacks. Like the consumer counterpart, there are three primary components to APP.
Security starts at sign-in, with two-factor authentication/two-step verification from a security key required after entering your username and password. This ensures that you’re really the one signing into your Google Account by verifying a hard-to-spoof token. APP disables other 2FA/2SV methods, including authenticator apps and SMS codes as they can be intercepted.
Google recommends that users register two keys to their account. One is kept on their person for mobile sign-in, while the other is placed in a safe location in case the first is lost. Any FIDO U2F security key works with the program, including Google Cloud’s first-party Titan device, which is now available in four more countries around the world.
Meanwhile, Gmail and Google Drive access by third-party apps that haven’t been been explicitly marked as trusted by your company’s IT admins are blocked. This includes email clients that aren’t Google’s web or first-party clients.
Advanced Protection Program also enables enhanced scanning of incoming email for phishing attempts, viruses, and attachments for malicious content.
APP is available for G Suite, Google Cloud Platform (GCP), and Cloud Identity customers. Administrators can allow high-vulnerability employees — like IT staff and executives — to enroll. It’s ideal for government, finance, and other similar industries.
An enterprise Advanced Protection Program beta will be rolling out in the coming days.