Endpoint

4/25/2018
04:30 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Google Adds Security Features to Gmail Face-lift

A redesigned Gmail brings new security measures to improve data protection and applications for artificial intelligence.

Google today announced a wave of G Suite updates, most of which focus on Gmail. The email service is getting a new Web look, advanced security features, artificial intelligence applications, further integrations with apps across G Suite, and management changes in Tasks.

"This week's [changes] are about giving users more agency in the cloud," explains Suzanne Frey, Google's director of security, trust, privacy, and compliance.

One of the new features is Gmail confidential mode, which lets users protect sensitive content by creating expiration dates or revoking previously sent emails.

"These are additional controls available on an email-by-email basis," she continues, noting that emails can be revoked even after they're viewed. "Think of it like a Drive file. If you share a Drive file with someone and remove access for them, it works in the same way."

Users can also require recipients to provide additional authentication to view messages, which makes it possible to protect data even if a recipient's email account has been hijacked and the message hasn't been deleted. Even if an account has been hijacked, an attacker would have to have access to the victim's phone and mobile password to view the SMS and open the email.

Google is also introducing built-in information rights management controls so users can remove the option for recipients to download, copy, forward, or print emails, decreasing the risk of messages being shared to third parties.

Security alerts also have been redesigned to be larger and bolder, with simpler messaging so users understand when an email has been flagged or a security threat is imminent.

Users will be able to access these new email security capabilities by clicking the padlock icon on the bottom of their email screens. The security advancements announced today will eventually be available to G Suite users and consumers. Right now, access is limited to enterprise users in the early adopter program; Frey says general availability will start in the coming weeks.

The Gmail update includes new artificial intelligence applications, including Nudging, Smart Reply, and high-priority notifications. Nudging reminds users to follow up and respond to messages, and Smart Reply, a feature released in May 2017 to suggest quick email responses, is arriving on the Web in addition to mobile. Smartphone users can also enable high-priority notifications on Gmail so they are only alerted to important messages.

Today's security updates build on those from last month, when Google rolled out phishing protections designed to prevent business email compromise (BEC), a growing enterprise threat, by warning users of potential attacks or automatically moving messages to the spam folder.

Those capabilities have driven an increase in Google's security data, which it in turn can use to improve defenses, Frey says. "The more signals we get, the more signals spam and phishing protection gets." Now, she reports, 99% of BEC scenarios are automatically moved to spam.

Back in January, Google launched the Security Center for G Suite Enterprise with the intention of giving admins a central dashboard to view data and gauge their security posture. The center provides detailed metrics for employees' devices; for example, the types of phishing emails received and who is receiving the most. Admins can also view guidance for managing devices.

Related Content:

Interop ITX 2018

Join Dark Reading LIVE for a two-day Cybersecurity Crash Course at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the agenda here. Register with Promo Code DR200 and save $200.

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
shopicsoe
50%
50%
shopicsoe,
User Rank: Apprentice
11/2/2018 | 7:31:43 AM
Re: No nudging, please!
I have an HP printer and Windows 8. I ended up with a print job that wouldn't delete. I tried your fix for win 8 but access was denied. I finally found this little download from HP Photosmart printers which did the trick. If you don't trust the link just go to the HP printer support for your version. 
jackdenial
50%
50%
jackdenial,
User Rank: Apprentice
10/15/2018 | 4:06:14 AM
Google Adds Security Features to Gmail Face-lift
I like this feature of Google Adds Security in Gmail account. With the help of this feature, we can protect our data and these features are also great like amazing Web look, advanced security features, and management changes in Tasks. I didn't Recover Gmail Password then I checked my mail for reset Gmail password link and recover my password. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:41:58 PM
G-suite
Security Center for G Suite Enterprise with the intention of giving admins a central dashboard to view data and gauge their security posture. G-suite admin dashboard helps a lot, they play catch up with Microsoft.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:34:36 PM
AI?
The Gmail update includes new artificial intelligence applications, including Nudging, Smart Reply, and high-priority notifications These are less AI realated more algorithms designed to achive that.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:33:02 PM
Re: No nudging, please!
Yes, this may be a problem if users do not have enough control over these settings.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2018 | 8:31:44 PM
expiration
One of the new features is Gmail confidential mode, which lets users protect sensitive content by creating expiration dates or revoking previously sent emails. This is really big when it comes to g-suite vs. outlook in the enterprises.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
4/26/2018 | 5:29:34 AM
No nudging, please!
> Nudging reminds users to follow up and respond to messages

Great. As if I'm not hounded enough by PR people... ;)
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6497
PUBLISHED: 2019-01-20
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.
CVE-2018-18908
PUBLISHED: 2019-01-20
The Sky Go Desktop application 1.0.19-1 through 1.0.23-1 for Windows performs several requests over cleartext HTTP. This makes the data submitted in these requests prone to Man in The Middle (MiTM) attacks, whereby an attacker would be able to obtain the data sent in these requests. Some of the requ...
CVE-2019-6496
PUBLISHED: 2019-01-20
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. Exploitation of the Wi-Fi device can lead to exploitation of...
CVE-2019-3773
PUBLISHED: 2019-01-18
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
CVE-2019-3774
PUBLISHED: 2019-01-18
Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.