Connect with us

Hi, what are you looking for?


Application Security

Google Releases New Security Tools to For ‘Apps’ Users

Google announced on Monday the availability of two new security tools designed to help Google Apps users protect their accounts.

Google announced on Monday the availability of two new security tools designed to help Google Apps users protect their accounts.

According to the company, the new “Devices and Activity” dashboard and the security wizard for Google for Work accounts should make it easier for IT administrators to manage devices, applications and security settings.

The activity dashboard displays a list of devices and locations from which an account was accessed in the past 28 days. It also shows details on the current device that is logged in to the account. When users detect suspicious activities, they can immediately take steps to secure the account.

The security wizard for Google for Work accounts helps users set up and configure security settings in just a few minutes. Customers can utilize the wizard to provide account recovery information, and review permissions and activity on the account.

“This tool prioritizes all administrator settings for security features that end users are permitted to turn on,” Eran Feigenbaum, director of security at Google for Work, explained in a blog post.

Google is increasingly concerned with security in enterprise environments. Last week, the company’s Macintosh Operations Team released “Santa,” a new blacklisting/whitelisting tool for Mac OS X. Santa is just one of the many unofficial Google products designed to help organizations with managing a fleet of devices running Apple’s operating system.

In October, Google introduced a new account protection mechanism called Security Key. Those who want to use Security Key must acquire a FIDO U2F compliant USB device, and enable the feature on their accounts. Once the system is enabled, customers must connect the USB device to their computer and tap it when prompted in the Web browser in order to log in to their account.

Advertisement. Scroll to continue reading.

study released by the company earlier this month shows that account hijacking is a major issue. Researchers have determined that while most takeovers are automated, manual account hijacking is also a problem, with 9 such incidents occurring for every million Google user per day. Phishing websites are highly efficient in such attacks, with a success rate of 45%.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.