Google has unveiled a slew of new business-focused data privacy and threat protection offerings, bolstering its cybersecurity arsenal in the never-ending war to stay ahead of attackers.
The tech giant’s latest security enhancements are focused on Google Cloud Platform and G Suite. Google announced a new Cloud Security Command Center for enterprises, virtual private cloud (VPC) service controls for increased data privacy, and Access Transparency Logs to give organizations an immutable audit trail of what’s happening to their data.
Google’s ongoing machine learning advancements made an appearance as well in the more than 20 updates announced for G Suite, including new default-on phishing protections powered by ML. The company also tipped new partnerships to help protect against threats like botnets, cryptocurrency mining malware, DDoS attacks, and suspicious network traffic.
“Every second we mark 10 million [Gmail] messages as spam. Gmail has over a billion active users, which means we can see pretty much any spam campaign and spend a lot of effort to train machine learning algorithms to to recognize them automatically without manual intervention,” said Urs Hölzle, Google’s SVP of Technical Infrastructure.
During a news briefing, Hölzle talked about Google’s end-to-end security strategy that extends from the browser all the way to the server; the company has more than 700 or 800 employees working on security. In recent months Google has announced an Advanced Protection Program for conusmers, Chrome Enterprise improvements, and much more, all of which connect back to the company’s cloud infrastructure in one form or another.
The Cloud Security Command Center, which complements a G Suite security center released earlier this year, is a data risk analysis and threat intelligence dashboard to help enterprises consolidate their cloud visibility. Jennifer Lin, Director of Product Management at Google, explained that the Command Center is designed to help businesses gather threat data and act on it before they result in business damage or loss.
Aside from an overview of how your compute and data resources are deployed across Google’s different cloud buckets, the command center lets admins configure firewall rules, surfacing insights like what data may be open to the internet or contain personally identifiable information (PII), and any applications that may be vulnerable to cross-site scripting (XSS) vulnerabilities. The dashboard is also integrated with security partners including Cloudflare, CrowdStrike, RedLock, Palo Alto Networks, and Qualys to detect DDoS attacks, network intrusions, and other threats all from one place. These capabilities are also enhanced by Cloud Armor, Google’s built-in DDoS defense layer.
“The [command center] will tell you where sensitive data is located and how firewall rules are configured, and ongoing discovery scans view the history of cloud assets to see exactly what has changed in an environment and act on unauthorized modifications,” said Lin. “We can also leverage and act on intelligence from cloud security vendors and built-in ML technology to identify botnets, cryptocurrency mining, etc.”
The bright spotlight on data privacy and the impending changes brought by GDPR also color Google’s latest features dedicated to data transparency. Access Transparency Logs, which Google has long used internally and in consumer-facing audit logs, are now available as a product for businesses. Combined with existing Cloud Audit Logging, they give organizations what Lin described as an “immutable audit trail” into every action taken by Google engineers in your system.
Lin also talked about the value of Google’s new VPC Service Controls. She explained it like a firewall for API-based services on Google Cloud Platform, letting enterprise admins configure private network communication and gain more precise control over user access with the Access Context Manager, which can craft policies based on factors like user location, IP address, and endpoint security status.
“Imagine constructing an invisible border around everything in an application that prevents data from escaping, and leaving the ability to tear down and reconstruct these walls at will,” explained Lin.
Finally, Google ran through a number of ways it’s bolstering security within G Suite. There are new default-on protections including automatic email flagging from untrusted senders that have encrypted attachments or embedded scripts. Google will also now warn G Suite users if a sender is spoofing employee names, scan images for phishing indicators, and offer enhanced spear phishing protection.
These protections are automatically enforced on mobile as well, so employees don’t have to install profiles on Android or iOS devices. Suzanne Frey, Google’s Director of Security, Trust, and Privacy, said all of these features are rooted in AI.
“We’re constantly evolving and pushing machine learning models so we can learn from literally billions of threat landscape indicators and quickly identify the source of an attack in the making,” said Frey. “Info from these self-learning models helps us flag suspicious content like email, and updated phishing controls can switch on the latest Google-recommended defenses.”