Google recently announced at its cloud conference in Tokyo that it will begin offering “high-risk” G Suite accounts a version of its own, enhanced in-house security.
Called the Advanced Protection Program, the set of security protocols is currently rolling out to G Suite users in a beta program.
The program requires the use of physical security keys to access accounts, in addition to a password, and it blocks any third-party apps that haven’t been whitelisted by G Suite administrators.
It also includes a more advanced email scanning method for virus threats and prohibits certain file types from being able to be downloaded.
The enhanced security also makes it harder for a user to recover an account on a new device. Users who lose both their security keys will need the help of an admin to recover the account, in an aim to thwart hackers from using automated recovery tools to access a G Suite account.
Using the service means each account will need two keys, with a button that must be pressed to unlock the account. One key is used to log in and the other is a backup in case the first key is lost. There’s no cost associated with the program except for the keys, which run about $50.
The keys use the FIDO U2 (Universal Second Factor) standard. According to the FIDO Alliance, the industry association behind the standard, “FIDO standardizes the authentication protocol used between the client and the online service. The protocol is based on standard public key cryptography – the client registers a public key with the online service at initial setup. Later, when authenticating, the service verifies that the client owns the private key by asking it to sign a challenge. The protocol is designed to ensure user privacy and security in the current day state of the internet.” (source)
The ultimate layer of security – even if you loose access to your accounts you can still access your data with UpSafe Cloud backup service
We work for your security