Google’s Advanced Protection Program for Enterprise

Blog post announcing the Advanced Protection Program for Enterprise

Google’s Advanced Protection Program website


Hi everyone its Fintan Murphy here from Damson Cloud. This week I want to talk about an announcement from Google about their advanced protection programme

Now some of you may be aware of the advanced protection programme, which has existed for a year or so, but now Google has released it for enterprises and it’s available for all additions of Google Workspace (formerly G Suite). The advanced protection programme is essentially trying to protect end users accounts on. When it comes to security, we always say it’s a balance between protecting your account and the security and your account on the convenience of access. Users always wants to be able to access their accounts from anywhere and any device, but they also want the highest security on those two things don’t really go together. So we’ve got to give up a little bit of convenience in order to make sure that our accounts are more secure. The the advanced protection programme from Google is designed to protect particular high risk users, so employees who are it admins or executives or maybe have access to sensitive financial information, whose accounts need an additional layer of protection.

So what is the Advanced Protection Programme? Well, it has four key elements. The first is a security key and it enforces, the user to use a security key as a factor or second factor of authentication and security keys are considered one of, if not the best way to protect your account against hacking. So it’s a physical key, a usually a USB device although you can get wireless ones as well for your mobile devices. That will act as a second factor of authentication. So as well as your username and password. There’s also this other factor of identification. And you may have used methods like this with getting a text message on your phone or with your bank having one of those little security keys where you’ve got to put in a code. So it’s a similar method to that. Um, but it’s got to be with your, computer, it’s got to be physically connected to your device.

So that’s the, that’s the first one. Google has actually, em, released last year their own security key, the Titan security key that you can buy now from the Google store. The secondary a is automatically blocking non white listed apps. So within the admin panel, uh, it admins can whitelist certain applications that are allowed to access your account. And one of the dangers of adding additional, uh, applications, which users can do is that you have to give them access, uh, often to certain areas of your account. And depending on what the application does, you know, if it’s something maybe within your Google drive that adds a, an additional workflow, you often have to actually give that app access to your full Google drive environment. And so again, for an executive or for someone in the finance team or a user that has access to sensitive data, not may not be something that you want.

And so what this does is it blocks that for non white listed apps. So the IT team has to have whitelisted an application in order for an end. This end user who is part of the advanced protection programme to be able to add that application. The last two already is around enhanced scanning of email threats. And so there’s an extra layer of emails scanning that Google has put on too users that are part of this programme. And then the last one is a new feature within chrome that will actually stop or, um, warn the user about particular files that they’re attempting to download when they’re signed into Google chrome. I think for, for IT teams, what Google are doing here is just packaging together all of the, the tools and features that they feel as Google best protect end users. And I think it’s an excellent idea to just make it easy and simple for it teams to say, okay, these are the users that we need to really protect. So we’re going to add them now to the advanced protection programme. Take a look at the advanced protection programme websites where Google has a huge amount of information on the programme itself, how you can enrol and get going yourself and start testing some of these things out. I would recommend that you take a look at the Titan security keys as well. They’re an excellent way to protect your end user accounts and very, very cost effective as well. When we think about security, as I said, there is that balance between convenience, and securing your accounts. And I think the security keys do a good job of that because you can have that physical key with you and have that second factor of authentication on your account without it having to be, you know, the inconvenience of like getting a text message and having to put in a code. All you’ve got to do is tap the key and it signs in. So it’s a way of getting that security with some of that convenience as well. That’s it for me. I hope you enjoyed this week’s update and I’d be interested to know what you think of Google’s advanced security programme itself. And also the announcement that it’s coming to enterprises.

Training Video