WorryFree Computers   »   [go: up one dir, main page]

What’s changing

Starting May 30, 2024, the Calendar API will distinguish events created from Gmail. New and existing events from Gmail that are scheduled for a future date will:

  • Appear with a new event Type “fromGmail” instead of “default”.
  • Include the email recipient as the organizer instead of “unknownorganizer@calendar.google.com”.
  • New “fromGmail” filters for both Events.list and Events.watch will be available.
In Google Calendar clients events from email may be rendered slightly differently to regular events and show a link back to the original email:



Google Calendar limits edits for events from email:



Additional details
If you’re using the Calendar API, we recommend the following to help avoid any disruptions in your applications:
  • Ensure that your code does not apply restricted updates to events with the type “fromGmail”.
    • Temporarily, updates on events with the type “fromGmail” are restricted to the properties reminders, colorId, visibility, status, and extendedProperties. Stay tuned to the Workspace updates blog for more information.
    • Review your code if it filters by eventType for Events.list or Events.watch. Filtering by eventType “default” will no longer return events extracted from emails.
Getting started

Rollout pace

Labels: , , , ,

What’s changing 
Starting today, we’re introducing Gemini for Workspace usage reports in the Admin console. This report gives admins an overarching view of how Gemini is being used in their organization, specifically: 
  • Assigned Gemini licenses, 
  • Active Gemini users, 
  • And the number of users who are using Gemini over time.


Gemini usage reports in the Admin console


These reports will help admins understand how many users are using Gemini features and make informed decisions about expanding Gemini further within their organizations. We plan to introduce more reporting features over time, such as the ability to filter these reports by Organizational Units and Groups.


Additional details
Admins can access these reports via admin  console under Menu > Generative AI > Gemini reports. Visit the Help Center to learn more about reviewing Gemini usage in your organization.


Getting started
Rollout pace

Availability
  • Available for Google Workspace customers with the Gemini Business and Gemini Enterprise add-ons.
We plan to introduce Gemini reports for the Gemini Education and Gemini Premium add-ons in the coming weeks. Stay tuned to the Workspace Updates blog for more information. 
Labels: , , ,

What’s changing

Starting May 28, 2024, the organization name and department will be displayed on personal information cards and in the Contacts sidebar. This information provides helpful context about the people you’re interacting with and displaying this additional information will help you learn more about who you’re collaborating with, and more.



Getting started

  • Admins: 
    • Admins can populate user data via the Admin console or via the Admin SDK API with the list and update commands. You can also visit the Help Center to learn more about adding information to a user’s Directory profile
    • Important note: Some customers may have set both organization name and organization department for their users, where department includes the organization name. We have notified impacted customers via email, but we recommend that you check your settings and update your users’ organization department to prevent duplicate organization names from showing. You can do this via the Admin console or via the Admin SDK API with the list and update commands.

  • End users: End users: You can view this information within Google Contacts (contacts.google.com), while hovering over a user, or from the Contacts sidebar.

Rollout pace

Availability
  • Available for all Google Workspace customers
Resources
Labels: , , , ,

What’s changing 
Last year, we announced in beta the ability to view and edit client-side encrypted Excel files with Google Sheets. Starting today, we’re rolling it out in general availability for select customers.



Additional details
With this release:
  • You can only view and edit .xslx Excel file types — additional Excel and tabular file types are not supported.
  • The maximum supported file size is 100MB.
  • The maximum number of cells that can be opened is 10 million.

As we continue to improve Office editing in encrypted Google Sheets, you may encounter incompatibilities for certain features. Some features are not displayed and/or editable, but will be preserved in the document and viewable in Microsoft Office. Other features may be lost or altered in the latest version of the file when it is edited in Google Sheets. You will see a notification within the document if editing will cause any features to be lost or altered.


Getting started

Rollout pace

Availability

Available for Google Workspace:
  • Enterprise Plus
  • Education Standard and Plus

Resources

Labels: , , ,

What’s changing
Drive log events provide admins with visibility into their organization’s user activity in Drive. Previously, download activity for files triggered by the use of Google Workspace APIs was not visible to admins as a Drive log event. 

Today, we’re adding audit logs for these API-based actions to the security investigation tool and the audit and investigation tool to expand upon an admin’s ability to identify, triage, and take action on security and privacy issues in their domain. 


Getting started 

Rollout pace
  • This feature is now available 


Availability
Available for Google Workspace: 
  • Business Starter, Standard, Plus 
  • Enterprise Standard, Plus 
  • Essentials Starter, Enterprise Essentials, Enterprise Essentials Plus 
  • Education Fundamentals, Standard, Plus, Teaching and Learning Upgrade 

Resources 
Labels: , , , ,

What’s changing 
You can currently filter, sort, and display your Google Meet hardware devices by whether they are online, offline, or experiencing an application load-failure. Today, we’re expanding these parameters to include whether the Calendar and Jamboard services are turned OFF. 


The connection between your Meet hardware devices and these two Google products are critical for connecting and collaborating. Allowing admins to filter for devices that match this criteria will help them identify potential gaps in hardware devices and product configurations, which they can quickly rectify. 


For example, if Calendar is turned off on a Google Meet hardware device, it will no longer show the upcoming meeting list when booked for a meeting. Having the Jamboard* service turned off means that the Desk 27 and Board 65 devices will no longer be able to launch Jamboard directly on the device. These services may have been previously turned off in error, and this new capability allows admins to correct it, making the services available again to their users. Note that Jamboard 55-inch devices are not impacted.

You can filter your devices by going to Menu > Devices > Google Meet hardware > Devices > “Device status” and then select the criteria to filter by.

Getting started

Rollout pace

Availability
  • Available to all Google Workspace customers with Google Meet hardware devices

Resources
*Jamboard will no longer be on these devices starting October 1, 2024. Learn more about whiteboarding in Workspace here.


Labels: , , , , , ,

This announcement was part of Google I/O ‘24. Visit the Workspace Blog for more  about new ways to engage with Gemini for Workspace and the Keyword Blog for more ways to stay productive with Gemini for Google Workspace.

What’s changing

Last year, we introduced AI-powered writing features that help you quickly refine existing work or get you started with something new in Google Docs and Gmail using Gemini for Google Workspace. 

Since then, Help me write has assisted numerous users in drafting content for things like emails, blog posts, business proposals, ad copy and so much more. In fact, 70% of Enterprise users who use Help me write in Docs or Gmail end up using Gemini's suggestions. Today, we’re excited to announce this feature is now available in Spanish and Portuguese. 
Help me write in Google Docs using Portuguese
Help me write in Google Docs using Portuguese

Who’s impacted 

Admins and end users 


Why it’s important 
Users who write in Spanish and Portuguese can now benefit from AI-powered creation in their own language. 
Help me write in Gmail using Spanish

Help me write in Gmail using Spanish

Getting started 


Rollout pace 

Availability 
Available for Google Workspace: 
  • Gemini Business, Enterprise, Education, Education Premium 
  • Google One AI Premium 

Resources 
Labels: , , , ,

What’s changingTo ensure customers with Google Meet hardware devices have sufficient notice about canceled or expired device subscriptions, we’re adding notifications in the Admin console. Depending on your subscription details and timeline, you will see: 

  • A warning banner in the Google Meet hardware section of Admin console when your Google Meet hardware subscription has expired and suspension is imminent. It will include the suspension date. 

  • A warning banner in the Google Meet hardware section of Admin console when your Google Meet hardware subscription has been suspended. 

Meet hardware subscription has been suspended.
  • An on-device suspension warning. 
    • The on-device warning will be ON by default and will begin to appear for customers with imminent suspensions starting May 29, 2024. 
    • To turn the on-device warning OFF, go to Admin console > Google Meet hardware > Settings > On-device suspension warning > Prevent devices from displaying on-screen suspension warnings. 
    • If this box is checked, devices will not display an on-device warning during the 3-day period prior to subscription suspension. 
On-device suspension warning in GMh admin console

On-device suspension warning in GMh Admin Console 

Who’s impacted 
Admins and end users



Why it’s important 
These notifications ensure admins are aware of potential subscription and/or functionality changes for the Google Meet hardware devices in their domain. 



Additional details 
The ‘Provisioning Status’ column and filter will be removed from the Device list page. 



Getting started 
  • Admins: For each Google Meet hardware device you purchase, you also purchase and assign a software license to that device. Licenses allow your device to work with the Google Meet service and gain access to device management tools in the Google Admin console. Visit the Help Center to learn more about licensing.
  • End users: If a on-device suspension warning occurs, people in the room will see a warning when the device is 3 days away from suspension. 
On-device suspension warning on GMh device

On-device suspension warning on GMh device

Rollout pace

Availability 
  • This update impacts all Google Workspace customers with Meet hardware devices. 

Resources 





Labels: , ,

What’s changing 
Using context-aware access, you now have the option to automatically block access to Google Workspace data from compromised Android and iOS devices. A device may be counted as compromised if certain unusual events are detected, including devices that are jailbroken, bypassing of security controls, modification of restricted settings, and more.

Creating a new rule to block compromised mobile devices


Blocking message for compromised iOS and Android devices






Getting started

Rollout pace
  • Block access to Google Workspace data: available immediately for both Android and iOS.
  • Remediation message: available immediately for Android, available on May 9, 2024 for iOS. 

Availability
Available to Google Workspace
  • Enterprise Standard and Plus
  • Education Standard and Plus
  • Frontline Standard
  • Enterprise Essentials Plus
  • Cloud Identity Premium

Labels: , , , ,

What’s changing

We’re simplifying how users turn on 2-Step Verification (2SV), which will streamline the process, and make it easier for admins to enforce 2SV policies in their organizations.  

Here are some of the important changes with this change:

  • Users may add “second step methods” (such as Google Authenticator, or a hardware security key) before turning on 2SV. This is particularly helpful for organizations using Google Authenticator (or other equivalent time-based one-time password (TOTP) apps). Previously, users had to enable 2SV with a phone number before being able to add Authenticator.

  • Users with hardware security keys will have two options to add them to their account on the “Passkeys and security keys” page:
    • ‘Use security key”: this registers a FIDO1 credential on the security key even if the key itself is FIDO2 capable.
    • ‘Create passkey and follow instructions to “use another device”: this registers a FIDO2 credential on the security key, and will require users to use the key’s PIN for local verification (this creates a passkey on the security key).
    • Note: users will continue to be asked for their password along with their passkey if the admin policy for “Allow users to skip passwords at sign-in by using passkeys” remains turned OFF (this is the default configuration).

  • If an enrolled 2SV user turns 2SV OFF from their account settings, their enrolled second steps (such as backup codes, Google Authenticator, or second factor phone) are not automatically removed from their account. Before this change all second factors would be removed when the user turned 2SV off. Note: When an administrator turns off 2SV for a user from the Admin console or via the Admin SDK, the second factors will be removed as before, to ensure user off-boarding workflows remain unaffected
Getting started
Rollout pace

Availability
  • Available to all Google Workspace customers and users with personal Google accounts 

Resources

Labels: , , ,

What’s changing 
We’re making it easier to manage your AppSheet users with the introduction of AppSheet Organizations. An AppSheet organization creates organization administrators with a centralized tool to manage all of the teams in the organization and delegate team management responsibilities to team administrators. 

This chart shows the hierarchical relationship between an organization, and its teams and members. 




An organization is based on a Workspace organization and is tied to your primary domain. One organization can contain multiple teams based on Google groups and Workspace organizations.


Who’s impacted
Admins


Why you’d use it
AppSheet organizations significantly simplify the management of users and policies across all their AppSheet teams. Admins can:
  • Access self-serve tools to make changes that formerly required manual Support team intervention.
  • Create and manage organization-level policies that apply to all teams and manage individual team policies.
  • Create new teams with distinct admins, users and policies as needed. Admins can also independently assign or remove team, root, or organization administrator roles of any user.

Additional details
Support for non-Google authenticated users
For new and existing customers with AppSheet Organizations, any user from your verified primary or secondary domains that does not authenticate through Google will be shown in your domain-based teams alongside any group-based teams that have been created. These users will be subject to the same policies and team settings that apply to your users that authenticate through Google.


Getting started

Rollout pace


Availability

Resources

Labels: , , ,

What’s changing 
For Google Workspace editions that support 100,000 viewers, we’re increasing the availability of the Google Meet ultra-low latency viewing experience for live streamed meetings from the first 10,000 viewers to the first 25,000 viewers. All additional viewers will have the standard live streaming experience. This update is available for live streams within your organization on web and mobile. 


With the ultra-low latency viewing experience, you’ll notice improvements such as a virtually lag-free streaming experience, significantly increased speaker video resolution, improved automatic camera cuts that focus on the most relevant speakers and content, and more. For more information about the ultra-low latency viewing experience, check out our original announcement as well as a recent announcement with more information about improvements.


Getting started
  • Admins: Visit our Help Center for more information turning live streaming on or off for Meet.
  • End users: When enabled by your admin, use the Help Center to learn more about live streaming a video meeting. 
    • Viewers: You can join streams as before. Reactions, polls and live Q&A work just as they do in a regular Meet video meeting. Visit the Help Center to learn more about viewing a live stream.
    • Live stream hosts: Live streams are scheduled and managed just like before. Reactions, polls and live Q&A are integrated with the Meet call and managed like usual. Automatic camera cuts are triggered by speaker activity without any host action required.
Rollout pace
Availability
  • Live streaming is available for Google Workspace:
    • Enterprise Standard, Enterprise Plus 
    • Enterprise Essentials Plus 
    • Education Plus and the Teaching and Learning Upgrade
  • Live streamed meetings can be viewed by Google Workspace:
    • Business Starter, Standard, and Plus
    • Enterprise Starter, Standard, and Plus 
    • Education Fundamentals, Standard, Plus, and the Teaching and Learning Upgrade
    • Essentials Starter and Essentials users.
  • Not available to users with personal Google accounts.
Note: For some customers, these changes may roll out at a slower rate and they may not receive this update for several months.



Labels: , ,

This announcement was part of Google Cloud Next ‘24. Visit the Workspace Blog to learn more about the next wave of innovations in Workspace, including enhancements to Gemini for Google Workspace.

What’s changing

AppSheet helps users automate manual workflows by integrating with data sources like Google Drive and Sheets, and today we’re excited to announce its integration with another data collection tool in Workspace: Google Forms.


Many companies rely on the data collected via form submissions when they are performing tasks for ticketing or incident reporting. However, prior to today you could only view information from form submissions via email, spreadsheet, or in the Forms app itself.


With this update, Google Forms submissions can act as event triggers within AppSheet Automations. These automations can then take many different actions, such as sending notifications or approval requests to Gmail or Google Chat, or even calling a custom Apps Script function. 
Build AppSheet automations using Google Forms is now available in beta


Who’s impacted 
Admins, end users and developers 


Why you’d use it 
This integration enables users to receive actionable notifications based on responses to Google Forms.


Getting started 
  • Admins: 
    • AppSheet admins can use AppSheet’s Policy Engine to control access to this feature by App Creators in their organization. Visit the Help Center to learn more about policy enforcement in AppSheet policies and specific guidance on preventing app creators from using Google Forms
    • This feature is available as an open beta, which means AppSheet app creators can use it without enrolling in a specific beta program. 
  • Developers and end users: Visit the Help Center to learn more about building automations using Google Forms. 

Rollout pace 

Availability 
Available for Google Workspace: 
  • Business Starter, Standard, Plus 
  • Enterprise Standard, Plus 
  • Enterprise Essentials Plus 
  • Education Fundamentals, Standard, Plus and the Teaching & Learning Upgrade 
  • Frontline Starter, Standard 
  • AppSheet Starter, Core, Enterprise Standard, Enterprise Plus 
Resources 
Labels: , , , ,

What’s changing 
Directly from the Admin console, admins can remotely set custom configs for managed iOS apps on end-user devices for their enterprise using Google Mobile Device Management. Managed configurations are applied using XML property lists and the same app can be configured differently across different domains, groups, or organizational units (OUs).

Creating the app configuration using XML information


Applying the configuration


Who’s impacted
Admins and end users


Why it’s important
Prior to this update, mobile app configuration was only available for managed Android devices. Beginning today, Workspace admins can use Managed App Configuration to set custom app configurations and deploy them to manage iOS devices across their organization. This gives admins the flexibility they need to create safety parameters that align with the various needs of users across their organization.




Getting started

Rollout pace

Availability

Labels: , , , , ,

What’s changing 
Launching first to beta, we’re introducing data loss prevention rules for Gmail. Data protection rules help admins and security experts build a stronger framework around sensitive data to prevent personal or proprietary information from ending up in the wrong hands. This functionality is already available in Google Chat and Google Drive, and in Gmail you’ll be able to create, implement, and investigate rules in the same manner. 


Admins can create data protection rules to flag sensitive information from leaving your organization. These rules are applied to outgoing messages sent internally or externally and admins can choose whether all content (including attached files and images), the body of the email, email headers, or subject lines should be scanned. You can configure your rules to look for sensitive text strings, custom detectors, or select predefined detectors. If a message violates a rule, admins can choose to:

  • Block message — the sender will receive a notification about message delivery failure and more information about the policy they violated.
  • Quarantine message — the message will require review and approval by an admin before delivery. If the message is rejected by an admin, the user may receive a notification about it.
  • Audit only — the message is delivered, but it is captured in rule log events for further analysis. This is particularly advantageous because it allows admins to assess the impact of rules before introducing them to your end users.

Data loss prevention for Gmail are available for select Google Workspace customers (see the “Availability” section below) — no additional sign-up is required to use the feature. 

Create data protection policies for Gmail alongside Drive and Chat

Build flexible conditions with selection of predefined and custom detectors of sensitive information

Set up a rule with Audit Only action applied to messages sent outside of organization. The severity level for event logging is set up to ‘Medium’ and alerting via Alert Center is turned on 

Detailed information about the event in the Alert Center

Overview of DLP incidents in the Security Dashboard with further option to investigate audit logs in detail

Who’s impacted
Admins and end users



Why it’s important

In addition to detecting sensitive content, DLP in Gmail offers additional benefits such as:

  • Simplified deployment and data protection policies management with rules for Gmail, Drive and Google Chat unified into the same area and workflow.
  • Advanced detection policies with flexible conditions, wide selection of predefined detectors for global and regional information types, custom detectors (Regular Expressions and word lists), targeting on specific parts of a message (header, subject, body). 
  • Granular configuration of policies scope, defining sender audiences (at domain, OU, and group levels) and recipient audiences (internal, external, both).
  • Actions with various levels of restriction such as block delivery of message (Block), quarantine message for review (Quarantine), and log event for future audit (Audit only).
  • Tools for incident management and investigation such as the Alert Center, Security Dashboard and Security Investigation Tool.


Additional details
How does DLP in Gmail compare to Content Compliance rules?
Content compliance in Gmail does offer similar functionality in that you can create rules to prevent messages that contain specific content from being sent. However, unlike DLP in Gmail, admins have no way to preview the impact of these rules before deploying them broadly.


Further, content compliance offers a variety of features that are better suited for filtering content. For example, you can:
  • Set up a metadata match on a range of IP addresses, and quarantine messages from IP addresses outside of the range.
  • Route messages with content that matches specific text strings or patterns to a specific department, suited the best to process information.

Getting started
  • Admins: 
    • Data loss prevention rules can be configured at the domain, OU, or group level. DLP rules can be enabled in Gmail in the Admin console under Security > Access and data control > Data protection. Visit the Help Center to learn more about controlling sensitive data shared in Gmail.
      • Note that you can modify existing DLP rules for Drive and Chat to also apply to Gmail. 
    • DLP events can be reviewed in the Security Investigation Tool or Security > Alert Center, if alerts are configured in rules.


    • We recommend selecting “Audit only” when you’re setting up a rule. When selected, messages that match the conditions of a rule will be delivered with the detection being logged. This allows you to rest new rules and monitor their performance, or to passively monitor the  environment without interrupting email flow for your users.

    • Note on asynchronous and synchronous scanning: With DLP for Gmail, data protection rules are scanned asynchronously, which means that the message is blocked or quarantined after it leaves the sender’s mailbox and before being dispatched to the recipient. We’re working on the ability to scan data protection rules synchronously when a user hits “Send” in order to notify users about sensitive content before the message leaves their mailbox. 


    • Please share your feedback on this feature with us — this will help us continue to improve the experience as we move through beta and toward general availability. You can share your feedback by selecting the “Send feedback” button located in the bottom left corner of your screen of any data protection related page in the Admin console.


  • End users: When configured by your admins, you’ll be notified if your message contains information that violates a DLP rule

Rollout pace
Availability
Available to Google Workspace:
  • Enterprise Standard, Enterprise Plus
  • Education Fundamentals, Standard, Plus, and the Teaching & Learning Upgrade
  • Frontline Standard
  • Cloud Identity Premium customers

Labels: , , , ,

What’s changing 
As part of an ongoing series of improvements for managing Google Meet hardware devices, we recently announced that we would begin capturing application load failures across Meet hardware devices. Beginning today, you can now opt-in to receive email or text message notifications when these failures occur. Subscribing to alerts can help you stay on-top of what’s happening across your hardware fleet and quickly take action to resolve these issues.


Getting started

Rollout pace
  • Rapid and Scheduled Release domains: Extended rollout (potentially longer than 15 days for feature visibility) starting on April 25, 2024. We anticipate rollout to take around six weeks to complete.

Availability
Labels: , , , ,

What’s changing
We recently announced the ability to import data from other messaging platforms using the Google Chat API. To build upon this, we’re excited to announce a new migration solution from CloudFuze that enables you to import data from Slack into Google Chat. 

With this integration, you can move messages and memberships from Slack channels into Chat spaces. CloudFuze also imports data while maintaining historical timestamps to ensure users can start using spaces right where they left off.
Import data from Slack to Google Chat using CloudFuze


Who’s impacted 
Admins and developers 


Why you’d use it 
Developed in collaboration with Google Workspace, CloudFuze imports your knowledge repository from Slack into Google Chat. 


Additional details 
To import user data from other messaging platforms into Google Chat, please review the original blog post on how to create a Chat app to migrate data. 

Visit the CloudFuze resource page to learn more about user integrity preservation, optimum Cloud Authentication, migration security and more. 


Getting started 

Rollout pace 

Availability 
  • Available to all Google Workspace customers. Note that a separate CloudFuze licensing is required to enable data migrations. 

Resources 
Labels: , ,

What’s changing 
You can now use client-side encryption as a condition for a data loss prevention (DLP) rule. As with other DLP rules, you’ll be able to configure: 
  • If users are warned before sharing externally. 
  • If users are blocked from sharing externally. 
  • The ability to download, print, or copy the document are disabled for commenters and viewers. 
  • Whether these events should be sent to the Alert Center for further investigation. 

Client-side encryption goes beyond the latest cryptographic standards used by Workspace by giving organizations authoritative control and privacy as the sole owner of private encryption keys and the identity provider of the encryption keys. Combining client-side encryption with DLP rules help our admins build an even stronger framework around sensitive data and information.


Getting started
Rollout pace


Availability
Available for Google Workspace:
  • Enterprise Plus
  • Education Standard and Plus


Resources

Labels: , ,

What’s changing 
We’re enhancing the experience for client-side encrypted Google Meet calls to include support for inviting external participants, including users without a Google account. Admins will need to turn on access for external participants and determine which identity provider the guest uses to join.




Who’s impacted
Admins and end users


Why it’s important
Meet already encrypts all of your data at rest and in transit between our facilities — client-side encryption gives users direct control of their encryption keys and the identity service that they choose to authenticate for those keys. Adding support for external participants means customers can collaborate with any of their stakeholders safe in the knowledge that only the meeting participants can decrypt the call media. This feature further extends the privacy and compliance capabilities of Google Meet and is the latest security enhancement, alongside encryption for in-meeting chat messages, co-host support, and the ability to join an encrypted meeting from a mobile device. For more information about client-side encryption for Google Meet, see our original announcement.


Getting started
  • Admins: Admins will need to update their IdP/KACLS configurations to open up for external participants and determine which third-party Identity Providers they can use to join a client-side encrypted meeting. Visit the Help Center for more information on providing external access to client-side encrypted content.

  • End users: 
    • Organizing encrypted calls: To turn on client-side encryption for a meeting, go to a calendar event with Meet video conferencing, navigate to Settings (cog-wheel  icon) > Security and select “Add encryption”
      • Contact your administrator to learn about your organization's policies and which external identity services and guests have been configured to allow access. Visit the Help Center to learn more about inviting participants to client-side encrypted meetings.
      • Note that only directly invited participants can join client-side encrypted meetings.

    • Joining encrypted calls: External users will validate their identity using a method supported by the Identity Provider. Authentication methods vary between providers. Some common options could be to log in with an account from e.g. Google or Microsoft, or by receiving an email with a one-time password. Visit the Help Center to learn more about client-side encrypted meetings.
Rollout pace

Availability
Available to Google Workspace:
  • Enterprise Plus
  • Education Standard and Plus
Labels: , , ,