New Gmail, Chat, and Meet Security Features? Yes Please
New Postal Text Scam
July 28, 2020
“Alarming” Ransomware Attacks Identified by Interpol
August 4, 2020
All in favor of additional security? We thought so.
Schools and workplaces have turned into our bedrooms and home offices meaning Google Meet is likely something you’ve used to collaborate remotely with your team. Google is finally “beefing up” security controls.
If you’re the meeting host, you can now control who ‘knocks’ to join your meeting, and if you boot out an attendee, they can’t rejoin by knocking, they can only rejoin by invitation. If a ‘knock’ request has been denied multiple times, the attendee will be automatically blocked.
Hosts also have new ‘advanced safety locks’ allowing them to decide how others join their meeting (via calendar invite or phone) and the ability to gain approval before joining. This safety lock will block users not logged into their Google account or “anonymous users.” The host can also now control which attendee can chat and present, making some of those longer meetings that should have been emails a little bit shorter.
To counteract the increasing popularity of gatecrashing or ‘zoombombing,’ Google has a Meet feature for education that prevents users from joining meetings organized by a G Suite for Education or G Suite Enterprise for Education license. No more party crashers!
Chat in Gmail is gaining “phishing protections,” using a link sent to users, Chat will be “scanned against Google Safe Browsing and flagged if it’s malicious.” Users can also block and report “shady” Chat Rooms.
Data loss prevention is high priority as well, admins can now block users from “downloading, printing or copying sensitive documents from Google Drive,” while also running full scans “of all files within Google Drive and automatically set controls for all users” in G Suite Enterprise, G Suite Enterprise Essentials, and G Suite Enterprise for Education customers.
G Suite security just got a full upgrade! There’s one last new corporate feature we found pretty neat.
Are you looking to have your corporate logo displayed in your Gmail avatar slot? Google just announced a pilot “of a standard it’s backing called Brand Indicators for Message Identification or BIMI,” to do just that. BIMI isn’t just for brand recognition though, it’s also for security.
The BIMI Pilot will require participating organizations to “authenticate their emails using Domain-based Message Authentication, Reporting, and Conformance or DMARC,” which are new G Suite security features to protect Gmail, Meet, Chat, and prevent data leakage from Google Drive.
DMARC will help stop email spoofing and eliminate phishing attacks (something we’re all too familiar with and would love to be rid of). However, adoption and implementation are not easy and has remained low except for US federal agencies with an order requiring its adoption.
Gmail Brand initiative (aka your logo in place of your avatar) might help take DMARC off the ground while keeping email marketing relevant and trustworthy with less phishing. Finally.
By submitting your logo to Certificate Authorities Entrust Datacard and DigiCert to validate ownership (scanned by Google’s anti-abuse checks and verified), your logo will be displayed in your Gmail avatar box.
That’s one step closer to more customer trust, more security, and less phish.
Another way to ensure better security, trust, and less phishing attacks on your organization, is to contact DarkHound SecOps now for your free rapid cybersecurity assessment at (714) 266-3790 or [email protected].
-Emmy Seigler
