(Cross-posted from the Google Security Blog)


Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1-3 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI
More Information
The Keyword: Gmail blog
Anti-virus scanning attachments

As part of Gmail's continued efforts to make email more safe and secure for our users, a new advanced security feature is being added to Gmail. Last year we announced the inclusion of security warnings when users attempt to access a dangerous site. With this new feature, we are improving the timeliness of phishing identification.

Delayed delivery of email messages with suspicious content

Phishing attempts follow a predictable pattern when you look at them in aggregate, and Gmail’s security experts have developed a new algorithm that flags and delays potentially suspicious messages.This selective delay facilitates additional checks on the content of the message prior to delivery and benefits from real time updates to the spam filter — as well as up to date phishing protection from Google’s Safe Browsing technology.

Considerations

• Because Safe Browsing must test the results of the link, emails can be delayed by up to 4 minutes.
• This feature is not a replacement for anti-malware/phishing software, and we do not recommend using it in place of your organization’s existing security software.

Opting out: This feature can be controlled from the Admin console, and is launching as as default On. If you do not wish to delay email to your users for any reason, you can disable the feature from the Admin console. Learn more

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1-3 days for feature visibility)

Impact:
Admins only

Update: In an earlier version of this launch announcement, the new Gmail security feature was described as launching default off. This feature is actually launching default on, with the ability to turn it off in the Admin console. This announcement has been updated to reflect this.

This release adds a new Gmail security feature to warn G Suite users when responding to emails sent from outside of their domain and not in their contacts. This feature can give enterprises protection against forged email messages, impersonation, as well as common user-error when sending mail to the wrong contacts.


How does it work?

• When a user hits reply in Gmail, Google scans the recipient list, including addresses in CC to determine its risk level. If a recipient is external to the user’s organization, not present in their Contacts or not someone the user interacts with regularly, we will display the warning.  
• We treat secondary domains and domain aliases like primary domains, so your users will not be warned when emailing users at your subdomains.
• If the recipient is intended, the user can dismiss the warning and proceed with the response. We won’t show the warning again for that recipient.
• Unintended external reply warning is controlled from the Admin console control in the Advanced Gmail settings and is launching default on. It can be toggled on or off by organizational unit or for your entire domain.

Launch Details
Release track:  
Launching to both Rapid and Scheduled release.

Rollout pace: 
Full rollout (1-3 days for feature visibility)

Impact: 
All end users

Action:
Change management suggested. The Help Center article below outlines the expected behavior, and can be used to help effectively communicate these changes to users.

More Information
Help Center: Unintended external reply warnings

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Update Aug 4: This rollout has begun and will be going live gradually over the coming days. Apologies for the delayed rollout

-------

Update 6/26: This rollout is being rescheduled to late July in order to further improve the speed of account profile updates. Apologies for any inconvenience this might have caused you. We will update this blog post once it's live. Please continue to monitor the What's New calendar for updates.

-------

On June 26, 2017, we’re releasing some changes that will bring user profile management under the direct control of G Suite admins, starting with the Name, Photo, Gender, and Birthday fields. Whereas end users could previously only edit these fields if they had upgraded to Google+, these new controls let admins decide which profile fields can be edited by end users, independent of Google+ status. Additionally, we are renaming the Contacts setting to Directory in order to better describe the functionality and, as such, the Contacts on/off setting within it will be removed.

More about this change

If you want to enable or disable your users’ ability to modify their Name, Photo, Gender, or Birthday, you can now do so from the Admin console. You will continue to be able to set these fields directly yourself where supported in the Admin console, or sync values using Google Cloud Directory Sync.




Editability settings are respected across Google. Once editability is enabled, your users can modify their profile information from My Account, About Me or other surfaces where profile editing is supported. If editing is disabled, users will be directed to you, the administrator, if they need to make changes.



This is the first in several launches that will grant admins better control over the editability of user profile data. Stay tuned for additional profile, directory, and contact management improvements in the future.

Service setting for Contacts On/Off: As part of this launch, we are removing the Contacts service on/off setting from the Admin console starting on June 26, 2017. Today, this setting only controls access to the Web contacts manager at contacts.google.com. It does not control any other user access to contacts, such as the contacts manager in Gmail, the Contacts Preview, API access to contacts, or the Directory functionality.

Once the Contacts on/off setting is removed from the Admin console, we will retain the the Web contacts manager on/off preference you’ve already specified. Please review whether this setting needs to be changed, and if so, make such change in the admin console before June 26, 2017 if required.
You can review your own Admin console settings from the Admin console.


When Contacts Preview eventually replaces the current Web contacts manager, the setting will no longer have any effect, and will be fully deprecated.

Default editability settings: At launch, editability behavior will be consistent with pre-launch behavior. For example, if Google+ was disabled for an Organizational Unit, which restricted editing pre-launch, then your editability settings will be “off”, not allowing users to edit their name, gender, photo, or birthdate. For domains with Google+ enabled, we will respect and migrate over the name editability control that existed in the Google+ settings. This design choice was made to keep the impact to your domain minimal, giving you flexibility for when you’d like to make changes.



Special behavior for Education domains: Education domains will not have an editability control for birthdate. For those domains, birthdate will never be editable by end users, except in the Google+ upgrade flow, if Google+ has been enabled.
Special behavior for domains with existing profile photos: Some domains have users with profile photos, despite not having G+ enabled. Those domains will have photo editability enabled on launch, in order to not interfere with existing photos. Admins may change the setting after launch.
Launch Details
Release track:
Launching to both Rapid release and Scheduled release on June 26 2017
Editions:
Available to all G Suite editions
Rollout pace:
Gradual rollout (up to 15 days for feature visibility)
Impact:
Admins and all end users
Action:
Change management suggested/FYI

More Information
Help Center: Managing directory profile changes

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

When users collaborate using Google Calendar, they depend heavily on email notifications that are generated while they manage events and calendars. For example, event invitations, event updates, RSVPs and calendars sharing can all generate email notifications that are sent to event guests or calendar subscribers.

Sometimes these notifications are inadvertently triggered by third party calendar clients or go missing (because of incorrectly configured Gmail filters, accidental email deletions, etc.) With this launch, we’re exposing calendar email notification logs in the Calendar audit section of Admin Console, so you can easily investigate issues related to calendar email notifications. Each log entry provides insights on the type of calendar notification, its sender and its recipient as well as information on the calendar client that triggered it. You can also obtain the notification’s Message-ID which can be cross-referenced with the Email Audit logs, in order to confirm whether the notification was successfully delivered to its intended recipients. See our Help Center for more information on the new calendar notification fields.



We hope that by enriching the existing calendar audit logs, we will make it easier for helpdesk admins to troubleshoot issues for their users.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release.

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1-3 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

When you click “Publish” in the new Google Sites, you allow other people to view your site. If your organization allows you to publish sites on the web, you see options to (1) allow anyone at your domain or anyone on the web to visit your site, and (2) allow your site to appear in search results.


You’ve told us that the “Allow my site to appear in search results” setting is confusing, and that it’s not entirely clear how it impacts the availability of your site. With that feedback in mind, we’re making some changes to the setting. Following this launch,

• if you’ve chosen to allow anyone on the web to visit your site, you’ll see an option to “Request public search engines not to index my site.” This option will not be selected by default, meaning that public search engines (like Google) will be able to index your site. This option will be labeled as a “Search setting” to distinguish it from the enforced permissions above it—by checking it, you indicate only your preference that search engines not index your site.

• if you’ve chosen to restrict viewing of your site to your domain only, you will not see the “Request public search engines not to index my site” option, because no one outside of your domain will be able to visit your site anyway. Depending on your configuration, your site may appear in your organization’s internal search engine and on Google Cloud Search.

Please note that today’s launch will not impact the settings of any already-published sites, unless they’re unpublished and republished.


Launch Details
Release track:
Launching to Rapid release, with Schedule release coming on June 6th, 2017

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1–3 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI

More Information
Help Center: Preview and publish your site on the web

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Today we announced that Jamboard, our cloud-based, collaborative whiteboard, is available for purchase in the United States.

You can purchase Jamboard for $4,999 USD, which includes 2 styluses, an eraser and a wall mount. We’re also running a promotion—if you order on or before September 30, 2017, you’ll receive $300 off of the annual management and support fee, as well as a discount on the optional rolling stand.

Keep in mind that a G Suite plan is required to use Jamboard so that you can access files from Drive, use them in your brainstorms and come back to your work later. Also, we’re teaming up with BenQ to handle fulfillment, delivery and support. Check out pricing details below.

Jamboard is available in the U.S. to start, and will be available for purchase in the UK and Canada this summer, with more countries becoming available over time. Contact your Google Cloud sales rep or visit google.com/jamboard to learn more about how you can start jamming with colleagues today.

Additional info for G Suite admins
In addition to the Jamboard device, a Jamboard app will be available on Android and iOS for all G Suite customers globally starting this week. When used on a tablet, the app allows users to experience similar features as they would on the Jamboard device. On a smartphone, the app functions as a companion for the Jamboard device.

Usage of the Jamboard app will be controlled by a service on/off switch in the Admin console, and will be off by default.

Check out the Help Center for more information, including an FAQ section.

Launch Details
Release track: 
Jamboard service on/off switch and app launching gradually to both Rapid release and Scheduled release, starting this week. Jamboard devices now available for purchase in the US only.

Editions:
Jamboard devices and app available for G Suite Basic, Business, Enterprise, and Education* customers.

*G Suite for Education customers will need to satisfy certain requirements in order to purchase Jamboard devices. See the Help Center FAQ for more information.

Rollout pace for Jamboard service on/off switch and app: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
Admins only (Jamboard service is defaulted off in the Admin console)

Action: 
Admin action suggested/FYI

More Information 
Help Center
FAQ


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

In September 2016, we launched Quick Access for Google Drive, which uses machine learning to intelligently predict the files you need, before you’ve even searched for them. Originally available on the Drive Android app, and later iOS, we’re now launching Quick Access on the web.

Quick Access intelligently predicts and surfaces files based on, among other things:

• who specific files are frequently shared with
• when relevant meetings occur
• what files are used at specific times of the day

Check out Quick Access on the Drive home page today.

Launch Details
Release track: 
Launching to Rapid release, with Scheduled release coming on June 20th, 2017

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI

More Information
Help Center: Find files in Google Drive


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Smart Reply utilizes machine learning to give you better responses the more you use it. So if you're more of a “thanks!” than a “thanks.” person, we'll suggest the response that's, well, more you! If you want to learn about the smarts behind Smart Reply, check out the Google Research Blog.

Smart Reply will roll out globally on Android and iOS in English first, and Spanish will follow in the coming weeks. Stay tuned for more languages coming soon!

Launch Details
Release track:  
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
All end users

Action: 
Change management suggested/FYI

More Information
The Keyword: Gmail


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

(Cross-posted from G Suite Developers) 

Posted by Naveen Agarwal, Identity Team 

Recently, we took immediate action to protect users from a phishing attack that attempted to abuse the OAuth authorization infrastructure.

We’re now supplementing those efforts to help prevent these types of issues in the future. These changes may add some friction and require more time before you are able to publish your web application, so we recommend that you plan your work accordingly.

Updating app identity guidelines 
As our Google API user data policy states, apps must not mislead users. For example, app names should be unique to your application and should not copy others'.

To further enforce this policy, we are updating our app publishing process, our risk assessment systems, and our user-facing consent page in order to better detect spoofed or misleading application identities. You may see an error message as you’re registering new applications or modifying existing application attributes in the Google API Console, Firebase Console, or Apps Script editor as a result of this change.

New review processes and restrictions on web apps requesting user data
We have also enhanced our risk assessment for new web applications that request user data.

Based on this risk assessment, some web applications will require a manual review. Until the review is complete, users will not be able to approve the data permissions, and we will display an error message instead of the permissions consent page. You can request a review during the testing phase in order to open the app to the public. We will try to process those reviews in 3-7 business days. In the future, we will enable review requests during the registration phase as well.

You can continue to use your app for testing purposes before it is approved by logging in with an account registered as an owner/editor of that project in the Google API Console. This will enable you to add additional testers, as well as initiate the review process.

We also recommend developers review our earlier post outlining their responsibilities when requesting access to user data from their applications. Our teams will continue our constant efforts to support a powerful, useful developer ecosystem that keeps users and their data safe.


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates