>
Google Workspace has announced it is upping the ante in its fight against hackers with increased security measures for its business-oriented accounts.
In order to protect users against hijacking attacks which “can have far reaching consequences for the account owner or the organization it belongs to,” Google is introducing a new evaluation step that will request additional verification if an action is deemed “risky.”
If you – or a hacker – are trying to make a change that could have lasting effects, a new “Verify it’s You” prompt will ask for proof that you are the account holder, which could include two-factor authentication (2FA).
Google Workspace security
The company is keen to reiterate that SAML accounts are not affected by this enhanced security change, and only accounts that use Google as their identity provider are supported.
Rollout of the increased security measures has already began, with availability extending to both admin and end users of Google Workspace, and legacy G Suite Basic and G Suite Business customers.
Any suspicious activity will be monitored and logged as an audit, which account administrators can access. For end users, there are no changes beyond potentially a few more verification pop-ups.
Earlier this summer, we wrote about Google’s commitment to protecting its users against cybersecurity attacks, with admin users gaining new notifications every time “critical and sensitive” changes to their configurations are made, including primary admin changes, SSO profile additions, and password resets.
This change was introduced around one month after client-side encryption was enhanced with improved monitoring of data transfers to and from the EU, and will undoubtedly form one of many updates that arrive each year as the tech giant cracks down on cybersecurity attacks.