Is your company using G Suite? From now on, it’s possible to add executives to Google’s Advanced Protection Program, enabling them to enjoy the same level of cybersecurity that Google has implemented in-house.
The central piece of the puzzle is the fact that a FIDO-compliant security key is required to make it work. As it can be observed from Google’s own employees, these keys have not only helped block all phishing attempts against them, but thanks to their design, they haven’t needed to change their passwords for years.
Karthik Lakshminarayanan, Product Manager Director at Google, is proud to say they haven’t had a single case of account takeover since these keys have been put into use. He asked organisations to identify any high-risk users among their ranks and enrol them in the program, following the company’s own example.
Back in 2017, Google launched the Advanced Threat Program for consumers aimed at high-risk potential targets such as:
– Senior executives
This made it impossible to access their accounts without a physical security key such as YubiKey or Google’s Titan key.
Google’s G Suite program puts certain restrictions in place. For example, by enrolling, only certain apps will be able to utilise Oauth to gain access to Gmail data. Regardless of that, IT admins can still whitelist individual apps and grant them the necessary permissions. If a user wishes for additional apps to be added to the list, this is possible upon discussing it with the IT admin first.