Google this week announced adding new security features to its Google Workspace collaboration and productivity solution, to provide administrators with more capabilities and controls for protecting users and organizations.
Admins can now access VirusTotal reports directly from the Alert Center in Google Workspace, through a new enrichment widget (VT Augment) that will be displayed for notifications that contain supported VirusTotal entities (including domains, file attachment hashes, or IP addresses).
For paid VirusTotal subscribers, an enhanced version of the report will become available, offering indicators of compromise and details on their relations with other artifacts in the VirusTotal dataset; a graph view of those connections; reputation information; geographical and time-spread data; and the ability to launch VirusTotal Enterprise advanced searches with a single click.
“It’s important to note that VirusTotal provides an investigation layer on top of alerts but isn’t being used directly for detection or alerting. No customer information is shared from Google to VirusTotal except when an admin clicks to retrieve a VirusTotal report for a specific entity,” the Internet giant explains.
In the coming weeks, the new feature will become available for Google Workspace Business Plus, Enterprise Standard and Plus, and Education Standard and Plus licenses.
Rolling out in the next few months in Google Workspace is the ability to block users in Google Drive, which will allow users to remove other users’ access to their content, to block others from sharing content with them, and to remove any files and folders that others might have shared with them.
The third security improvement that the company is launching for Google Workspace involves the ability to restrict access to Workspace resources, through app access control (blocking OAuth 2.0 API access) and new context-aware access for both desktop and mobile apps.
A new setting now generally available on Google Workspace allows administrators to block all third-party API access to Workspace. By blocking all OAuth 2.0 scopes, the setting prevents users from signing in with their Google Workspace accounts to third-party apps.
For Google Workspace Enterprise Standard, Enterprise Plus, Education Plus, and Cloud Identity Premium, the company is expanding context-aware access to its own desktop and mobile apps, thus offering increased control over the manner in which users access Google Workspace resources.
Related: ATT&CK v9 Introduces Containers, Google Workspace
Related: Google Readies Redesigned Security Alerts for Google Accounts