fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Google Workspace Adds New Phishing Protection, Client-side Encryption

Google Workspace Adds New Phishing Protection, Client-side Encryption

Google Workspace (formerly G Suite) has been updated with client-side encryption and new Google Drive phishing and malware content protection.

These new additions are part of a broader effort focused on more robust data security and follow the release of Safe Browsing, a blocklist service that protects billions of devices and users of Chrome, Android, and Gmail.

Google has also recently turned on HTTPS by default for Chrome users and started marking all HTTP sites as “Not Secure” in Chrome, with the release of Chrome 68 in July 2018.

Client-side encryption for greater security and privacy

“Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities,” Google said.

“We’re taking this a step further by giving customers direct control of encryption keys and the identity service they choose to access those keys.”

Enabling Client-side encryption for a document will only allow you and your partner who holds the key to access the contents of the encrypted Google Workspace files.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

This makes it especially valuable to orgs storing sensitive or regulated data (e.g., intellectual property, healthcare records, or financial data).

“We’ll be rolling out a beta for Client-side encryption in the coming weeks for Google Workspace Enterprise Plus and Google Workspace Education Plus customers.,” Google said.

While initially rolling out to Google Drive, Docs, Sheets, and Slides, Client-side encryption will also be available across Google Workspace, including Gmail, Meet, and Calendar.

Google Workspace Client-side encryption
Image: Google

If you are interested in testing it as soon as it’s available, you can sign up right now for the beta if you’re an Enterprise Plus or Education Plus customer.

To enable Client-side encryption, you have to choose one of the pre-defined key access service partners (i.e., FlowcryptFuturexThales, or Virtru) for key management and access control capabilities.

You can also build or integrate your own in-house Client-side encryption key service using the key access service API specifications Google will publish later this year.

New phishing and malware protection within orgs

“Every Google Workspace customer already benefits from the built-in protections in Google Drive that help block phishing and malware content from external users and organizations,” Google added.

“In the coming weeks, we’ll be taking this a step further by enabling all Google Workspace admins to implement this protection for content within their organizations, helping to safeguard against insider threats and user error.”

In enterprise environments where these new Google Drive protections are enabled, all suspicious files are automatically tagged and will only remain visible to their owners and the org admins.

Also Read: Data Protection Officer Singapore | 10 FAQs

As a direct result, potentially malicious documents will no longer be shared within the organization, thus drastically reducing the number of users impacted in malicious attacks abusing Google Drive for phishing and malware delivery.

Google Workspace was also updated with enhanced data loss prevention and classification with Drive labels and additional control over secure collaboration in Google Driver using trust rules.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us