Google announced an expansion of Google AI into their Workspace product, promoting zero trust and digital sovereignty controls.
The announcement details steps they are taking to ensure customer data in Google Workspace.
What’s novel about their system is that it incorporates AI-powered defenses.
According to Google:
“The sheer scale of modern attacks and the sophistication of motivated adversaries are something that legacy productivity solutions can’t keep pace with.
There is a better way — a cloud-native architecture rooted in zero-trust principles and augmented with AI-powered threat defenses.”
Google offered statistics to prove their Workspace systems are secure.
They claimed zero known exploits from vulnerabilities and 41% fewer security incidents than other email systems.
One of the innovations of Workspace is the ability to liberate users from having to depend on VPN, tunneling through secure networks, as a security measure, notably with what Google calls, context-aware access (CAA).
A customer explained how CAA worked to enable more access while simultaneously ensuring total security.
They were quoted:
“Context-Aware Access (CAA) has helped us manage our risks by not making access a binary choice, but allowing for more flexibility in access policies and allowing them to be applied to the right people, applications, and data. Since using CAA, we’ve been able to allow our users to use more of Google Workspace for a broader set of scenarios with more confidence in the safety of that work.”
New capabilities enables greater control over data use and who has access to it.
Google AI is used to classify and label Google Drive data to protect it from
Leveraging Google AI to automatically and continuously classify and label data in Google Drive to help ensure data is appropriately shared and protected from having the data copied or removed by threat actors.
IT and set permission levels by device location or security status in order to lock down how data is shared.
These capabilities are extending to Gmail:
“Extending enhanced DLP controls to Gmail: Already available in Google Chat, Drive, and Chrome to help security teams control sharing sensitive information inside and outside the organization, enhanced DLP controls are coming to Gmail and will be available in preview later this year.”
Other improvements are:
- Client-side encryption (CSE) to prevent access from outside the company, including keeping the data away from Google and “foreign governments.”
- Companies can select the country in which the encryption keys are stored, as well as where the data is stored and processed in order to comply with local regulations.
Read Google’s announcement:
Featured image by Shutterstock/monticello