New Anti Phishing Security Updates for G Suite

Google recently announced numerous updates to G Suite solution to allow customers keep control over security in applications such as Gmail, Hangouts, Calendar, and Drive. Google states that many of these features are initiated by default and users won't have to do anything to enable them.

Anti Phishing

Google is applying Machine Learning (ML) to develop virus threat indicators and advanced models to identify what could be a phishing attack. These updated phishing security controls can be configured to automatically switch on Google-recommended defenses.

The newly introduced default-on protections are:

• Flagging emails automatically from untrusted senders that have embedded scripts or encrypted attachments
• Warning against emails that try to spoof employee details or that come from domains that look similar to your own domain
• Scanning images for phishing indicators and expanding shortened URLs to nullify malicious links
• Enabling enhanced protections against spear phishing attacks by flagging unauthenticated emails

According to the reports, with these protection updates in place, more than 99.9 % of business email compromises are either automatically sent to the spam box or flagged with anomaly warnings to the users.

Enhanced Authority over Mobile Devices

With Google's new mobile management security settings, basic device management is automatically enabled for users’ mobile devices that access G Suite. This implies that G Suite users don't have to install profiles on Android and iOS devices.

Also, admins get added security management features. These are:

• Analyzing which devices access corporate data in a single dashboard
• Executing passcodes and omitting private data with selective account wipe for Android and iOS
• Automatic protection of Android and iOS devices, with no user intervention or device profiles required

More visibility and insights
Google introduced security centers for G Suite previously. But just a few weeks ago, it announced some additions which are:

• Newly introduced security charts to illustrate OAuth activity and Business Email Compromise (BEC) scam threats that are specifically emphasized on phishing emails that may not include any links
• Mobile management charts to help IT administrators evaluate activity analytics and show when devices have been rooted, hacked or jailbroken, as well as when any other suspicious device activity has been detected
• Options to reorganize the dashboard to focus on what is most crucial for any organization
• Features to analyze your organization's security status and get customized suggestions on security key deployment and protection against phishing scams

Built-in protection and controls for Team Drives. Google is giving drives new security controls to protect highly sensitive data. This data content can be protected by Information Rights Management (IRM) controls.

Some specific updates include the feature of modifying settings for Team Drives to:

• Restrict file access privileges to Team Drives members or only to users within your domain
• Instill IRM controls to prevent users from copying, printing and downloading files within Team Drives

These new data security features for Team Drives will come out over the next few weeks.


So lastly, the newly introduced phishing and mobile management controls will be available across all G Suite versions.