Google Cloud’s rebranding of G Suite as Google Workspace, announced last week, comes with new security and privacy updates to help prevent malicious behavior and protect organizations’ data while using its productivity and collaboration tools.
The new security features for Workspace, which includes Gmail and the Google Calendar, Meet, Chat, Drive, Docs, Sheets, Slides, Forms and Sites tools, are designed to facilitate safe communication and give systems administrators more visibility and control, according to Karthik Lakshminarayanan, Google Workspace’s director of product management.
“Our security features help you create flexible workspaces that scale, no matter what device or browser you are using,” Lakshminarayanan said in a blog post today. “At the same time, we want to make sure security doesn’t get in the way of you accomplishing your goals, but rather helps you easily protect the data that‘s so critical to your organization.
New Meet safety features
Google Cloud will add features including new classification, audit logging and detection capabilities that are aimed at combatting abuse in Google Meet, its real-time meetings tool. Those features will be added in the coming weeks, according to Lakshminarayanan.
“To prevent abusive users from disrupting your meetings, we classify users that were marked abusive and ejected from prior meetings, and prevent similar users from joining your meetings in the future,” he said.
The new capabilities will allow Meet to automatically detect abusive display names or codes and then prevent those users from joining.
Systems administrators will get access to audit logs of instances when their users report abuse within Meet, allowing them to investigate the sources.
Chat security updates
To keep abusive users from disrupting meetings in Google Chat, Google Cloud is making security features generally available in the coming weeks to help admins monitor and manage its use.
New audit logs will allow them to keep informed of and target potentially malicious behaviors that could include phishing or data infiltration in Chat.
“We’re also classifying spammy or abusive Chat rooms as such to help ensure that your users aren’t added to those rooms,” Lakshminarayanan said. “For a holistic view of actions taken across Google Workspace products, admins can see logs related to Chat, Meet, Groups, Calendar and Voice in the security centre’s investigation tool.”
The security center is included with Google Workspace Enterprise edition.
Gmail security insights
Google Cloud is increasing admins’ visibility into data security issues to help them protect their organizations’ data.
Audit logs became generally available last month for Gmail, allowing admins to see when users enable email auto-forwarding outside of their domain and take action to prevent potential data loss from a policy violation, malicious insider or hijacked account.
Now Google Cloud will launch data protection insights in general availability next week to proactively create reports to help admins understand sensitive information – including sensitive data types and Google Drive files with sensitive content -- stored in their organization.
“These insights help you act on the visibility you have, providing information that can help you make more informed decisions about how to protect your organization’s data,” Lakshminarayanan said.
Google produces the custom reports by performing proactive data loss scans for all Drive files based on a set of 50 predefined content detectors.
Redesigned rules page
Google Cloud said it’s redesigning the rules page in the Google Workspace admin console to centralize rule discovery, creation and management for Google-provided rules and custom rules.
“As part of this redesign, we’re also bringing together activity, data protection, device management, reporting and system-defined rules to consolidate security rules into a centralized experience for increased visibility and convenience,” Lakshminarayanan said.
Google Cloud also will generally release customizable templates that allow admins to quickly create and set up rules based on its best practices.
“These enhancements build off of our recent improvements, including new time series charts that show rule log events history for data protection rules (now in alpha) and advancements to make triage faster with people cards in Alert Center (now generally available),” Lakshminarayanan said.
ISO/IEC 27701 certification
Google Workspace is the first major productivity suite to receive an accredited ISO/IEC 27701 certification as a data processor, Google Cloud announced today.
ISO/IEC 27701, published in 2019 by the International Organization for Standardization, is a global standard designed to help organizations comply with international privacy frameworks and laws concerning the collection and processing of personally identifiable information.
“It provides guidance for implementing, maintaining and continuously improving a privacy information management system and can be used by both data controllers and processors -- a key consideration for organizations that must align with the GDPR (Europe’s General Data Protection Regulation),” Lakshminarayanan said.
The accredited ISO/IEC 27701 certification provides Google Workspace customers with benefits including simplified audit processes, universal privacy controls and greater clarity around privacy-related roles and responsibilities, he said.
In June, Google Cloud had said it was the first major cloud provider to earn the ISO/IEC 27701 certification for Google Cloud Platform as a data processor.
Google Vault updates
Google Cloud soon will release a redesigned user interface for Google Vault, which enables data retention and eDiscovery in Google Workspace Business and Enterprise editions.
The updated user interface will include workflow enhancements such as text filters and side-panel content navigation designed for faster content reviews.
Google Cloud also will expand the Google Workspace services covered in Google Vault with support for Google Voice data. The move will enable search, holds and retention of specific Google Voice data.