You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

At the Tokyo edition of Cloud Next ’19 this July, Google announced that the Advanced Protection Program is coming to Cloud enterprise customers. G Suite and GCP users can soon take advantage of the company’s most stringent security measures against phishing.

Update 11/22: At Cloud Next ’19 in London earlier this week, Google announced that the Advanced Protection Program for enterprise will become generally available over the next two weeks. By default, all G Suite users can enroll in the program unless APP is disabled by admins.


Launched in 2017, the Advanced Protection Program is designed for users “most at risk” of account takeovers and other targeted online attacks. Like the consumer counterpart, there are three primary components to APP.

Security starts at sign-in, with two-factor authentication/two-step verification from a security key required after entering your username and password. This ensures that you’re really the one signing into your Google Account by verifying a hard-to-spoof token. APP disables other 2FA/2SV methods, including authenticator apps and SMS codes as they can be intercepted.

Google recommends that users register two keys to their account. One is kept on their person for mobile sign-in, while the other is placed in a safe location in case the first is lost. Any FIDO U2F security key works with the program, including Google Cloud’s first-party Titan device, which is now available in four more countries around the world.

enterprise Advanced Protection Program

Meanwhile, Gmail and Google Drive access by third-party apps that haven’t been been explicitly marked as trusted by your company’s IT admins are blocked. This includes email clients that aren’t Google’s web or first-party clients.

Advanced Protection Program also enables enhanced scanning of incoming email for phishing attempts, viruses, and attachments for malicious content. In Chrome, Safe Browsing will scan for “risky downloads” associated with certain file types.

APP is available for G Suite, Google Cloud Platform (GCP), and Cloud Identity customers. Administrators can allow high-vulnerability employees — like IT staff and executives — to enroll. It’s ideal for government, finance, and other similar industries.

An enterprise Advanced Protection Program beta will be rolling out in the coming days.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Google on YouTube for more news:

About the Author