We encourage all of our customers to use two-step verification for added protection when they log into their G Suite accounts. In particular, we recommend security keys, which are easy to use and better prevent some common attacks, like phishing.

Previously, we made it possible for admins in G Suite Enterprise domains to allow only security keys as their users' two-step verification factor. In addition, we gave them (and G Suite Business admins) tools to manage the deployment of security keys and to view usage reports. Because we believe security keys can be pivotal in the effort to protect any organization, we’re now bringing these management capabilities to all G Suite editions.

Going forward, all G Suite admins will be able to do the following in the Admin console:

• Restrict users’ two-step verification method to security keys only.
• Add and revoke security keys for users.
• View reports on security key usage.

For more information on enforcing and managing security key use in your domain, visit the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace:
Extended rollout (potentially longer than 15 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Add 2-Step Verification
Help Center: Use Security Key for 2-Step Verification
Help Center: View and revoke security key access to Google accounts


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Jamboard helps businesses collaborate more efficiently by bringing the power of the cloud into their team brainstorms. With this latest Jamboard release, we’re adding new features to help you customize that experience for the unique needs of your organization.

Automatic document closeout
Jams can now be automatically closed if left open on a Jamboard kiosk for longer than a period of time if/when configured by the admins. This feature is configurable in the settings page of the Jamboard Admin console under “Document Timeout.”

Custom backgrounds
Users can now select custom backgrounds for their jams. There’s a list of 7 unique background and patterns to choose from. Each background will be applied to the jam across all devices.



Custom screensaver messages
Admins can now create a custom message in the Jamboard Admin console settings page under “Screensaver Message.” This message will display as a ticker on the Jamboard screensaver.



Object connectors
You can now connect shapes on the Jamboard together by drawing lines between them.

Landscape support for mobile devices
Users can now interact with jams in landscape mode on both iOS and Android Jamboard mobile apps.

For a full list of new features and improvements from this month’s release, check out the What’s New in Jamboard page in the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite Basic, Business, Enterprise, and Education customers

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI

More Information
Help Center


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Last year, we introduced a new resource for admins: What’s new in G Suite? Don’t forget to visit the page regularly for a list of the most recent launches across G Suite.

Feedback? Let us know.

(Cross-posted from The Keyword)

Security tools are only effective at stopping threats if they are deployed and managed at scale, but getting everyone in your organization to adopt these tools ultimately hinges on how easy they are to use. It’s for this reason that G Suite has always aimed to give IT admins simpler ways to manage access, control devices, ensure compliance and keep data secure.

Today we announced more than 20 updates to deepen and expand Google Cloud customers’ control over their security. Many of these features will be turned on by default for G Suite so that you can be sure the right protections are in place for your organization. And, even better, in most cases your users won’t have to do a thing. Here’s the breakdown.

1. Helping to protect your users and organization with new advanced anti-phishing capabilities

We're applying machine learning (ML) to billions of threat indicators and evolving our models to quickly identify what could be a phishing attack in the making. Information from these self-learning ML models helps us flag suspicious content. At the same time, updated phishing security controls can be configured to automatically switch on the latest Google-recommended defenses.

These new protections can:

• Automatically flag emails from untrusted senders that have encrypted attachments or embedded scripts.
• Warn against email that tries to spoof employee names or that comes from a domain that looks similar to your own domain.
• Offer enhanced protections against spear phishing attacks by flagging unauthenticated email.
• Scan images for phishing indicators and expand shortened URLs to uncover malicious links.

With the protections we have in place, more than 99.9% of Business Email Compromise (BEC) scenarios—or when someone impersonates an executive to get sensitive information—are either automatically moved to the spam folder or flagged with anomaly warnings to users.


For more details, G Suite admins should read our related post on the G Suite Updates blog.

2. Giving you more control over mobile devices with default-on mobile management

Securing endpoints like mobile devices is one of the best ways for businesses to keep data safe. More than 7 million devices are already managed with G Suite’s enterprise-grade mobile management solution. With new proactive security settings, basic device management for your mobile devices that access G Suite is automatically enabled.

This means employees don’t have to install profiles on iOS and Android devices. It also means admins get added security management controls to help them:

• See which devices access corporate data in a single dashboard.
• Enforce pass codes and erase confidential data with selective account wipe for Android and iOS.
• Automatically protect Android and iOS devices, with no user intervention or device profile required.

And you may have noticed we launched updates to Cloud Identity—a way for enterprises to manage users, apps and devices centrally. Cloud Identity includes user lifecycle management, account security, SSO, robust device and app management and unified reporting. Check it out.



3. Offering you more visibility and insights to stay ahead of potential threats

IT admins who operate in the cloud seek tools, visibility and assistive insights to stop threats or gaps in operations before they become security incidents. This is why we introduced the security center for G Suite earlier this year. The security center is a tool that brings together security analytics, actionable insights and best practice recommendations from Google to help you protect your organization, data and users.

Today, we’re introducing additions to the security center for G Suite including:

• New security charts to show OAuth activity and Business Email Compromise (BEC) scam threats that are specifically focused on phishing emails that may not have links.
• New mobile management charts to help IT admins examine activity analytics and show when devices have been hijacked, rooted or jailbroken, as well as when other suspicious device activity has been detected.
• Ways to reorganize the dashboard to focus on what is most important to your organization.
• Ways to analyze your organization’s security health and get custom advice on security key deployment and protection against phishing scams.

If you’re new to using the G Suite security center, check out these instructions to get started. Note that only admins with G Suite Enterprise licenses can access the security center.

4. Providing built-in protections and controls for Team Drives

Enterprises share and store an enormous amount of content, which means admins need more controls to keep this data protected. That’s why we’re enhancing Team Drives with new security controls to give you more ways to safeguard highly-sensitive content. Now, your data can be protected by Information Rights Management (IRM) controls so you can feel confident that your company’s ideas stay “yours.”



Specific updates include the ability to modify settings for Team Drives to:

• Limit file access privileges to Team Drives members, or only to users within your domain.
• Add IRM controls to prevent users from printing, downloading and copying files within Team Drives. 

These new security features for Team Drives will roll out over the next few weeks. Monitor the G Suite Updates blog and G Suite release calendar for more information when these features launch.

Get started

Phishing and mobile management controls are available now across all G Suite versions, and you’ll be able to use Team Drives controls in the coming weeks. If you’re a G Suite Enterprise customer, you can access the security center in the Admin console.



Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

We recently introduced several features for G Suite to help keep your data secure. As described in our earlier post, this includes basic mobile management that’s on by default. Keep reading for more information on this new setting configuration and how it’ll be rolled out to your organization.

If your users bring their Android and iOS devices to work, you have the option to turn on mobile device management for additional security.

If you’ve never enabled this option, we will automatically turn on basic mobile management for your domain by the end of the year. This means that any user who doesn’t currently have a passcode or screen lock on their device will be required to set one up before accessing their G Suite apps.

To control the timing of this change, you can do one of three things:

1. Turn on basic mobile management now, and enforce a passcode on your users' devices.
2. Turn on basic mobile management now, but don't enforce a passcode on your users' devices.
3. Enable and then disable mobile management. This will prevent basic mobile management from being turned on automatically.

If you do any of the above, passcodes and screen locks will not be automatically enforced at any point in the future.

A few important things to keep in mind:

• If your organization has previously enabled basic, advanced, or custom mobile management, your users won’t be impacted by this launch.
• This launch applies even if your organization uses a third-party Enterprise Mobility Management (EMM) provider. It won’t impact the way your EMM works in any way.
• Mobile devices syncing via Google Sync won’t be impacted by this change and won’t have a passcode or screen lock enforced.
• Users who sync their mail via IMAP and who don’t use native G Suite apps (e.g. Gmail) won’t be impacted by this change, and their devices won’t have a passcode or screen lock enforced.

For more information on Google Mobile Management, please visit the Help Center.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release by the end of 2018

Editions:
Available to all G Suite editions

Rollout pace:
Extended rollout (potentially longer than 15 days for feature visibility)

Impact:
Admins and end users

Action:
Admin action suggested/FYI

More Information
Help Center: Turn on mobile device management
Help Center: Compare mobile management features
The Keyword: Helping G Suite customers stay secure with new proactive phishing protections and management controls


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

We recently introduced several features for G Suite to help keep your data secure. As described in our earlier post, this includes advanced protections against phishing and malware attempts. Keep reading for more information on these new settings and how they’ll be rolled out to your organization.

Following this launch, you’ll notice the new settings below in the Admin console under Apps > G Suite > Gmail > Safety. Each can be enabled, disabled, or customized.

In the “Attachments” section:

• Protect against encrypted attachments from untrusted senders
• Protect against attachments with scripts from untrusted senders

In the “Links and external images” section:

• Identify links behind shortened URLs
• Scan linked images
• Show warning prompt for any click on links to untrusted domains

In the “Spoofing and authentication” section:

• Protect against domain spoofing based on similar domain names
• Protect against spoofing of employee names
• Protect against inbound emails spoofing your domain
• Protect against any unauthenticated emails

At launch time, the majority of these settings will be disabled for existing customers, because—depending on your domain configuration—they may cause false positives. To maximize security, the following settings will be automatically enabled for existing customers on April 4th, 2018:

• Identify links behind shortened URLs
• Scan linked images

If you don’t want these settings to be turned on automatically on April 4th, you’ll need to disable or customize them prior to that date.

For more information on these new settings, please visit the Help Center.

Note that G Suite Enterprise customers can view charts related to these settings in the G Suite security center, and the Security health page will warn them if these settings aren’t enabled.

Launch Details
Release track:
All settings launching to both Rapid Release and Scheduled Release on March 21st, 2018; “Identify links behind shortened URLs” and “Scan linked images” settings to be enabled automatically on April 4th, 2018, unless they’re disabled or customized prior to that date

Editions:
Available to all G Suite editions (note that only G Suite Enterprise customers can access the security center)

Rollout pace:
Full rollout (1–3 days for feature visibility)

Impact:
Admins only

Action:
Admin action suggested/FYI

More Information
Help Center: Advanced phishing and malware protection
The Keyword: Helping G Suite customers stay secure with new proactive phishing protections and management controls

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Meet allows G Suite users to connect across any device, at any time. Users with iOS devices whose accounts aren’t Meet-enabled are still able to join meetings that they’re invited to, but aren’t able to create them. To ensure that these users understand why they are missing that functionality, we will start showing them the following message the first time they open the Meet app on their iOS device:





This message is already shown to users on the web. It will primarily reach non-G Suite users’ accounts, but admins may receive requests from their users who do not have Meet enabled for their domain and/or organizational unit.

Launch Details
Release track:
Launching to both Rapid Release and Scheduled Release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (up to 15 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI

More Information
Help Center: Managing Hangouts Meet

Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

The new Google Sites provides a simple and elegant way to create websites. To help your site stand out, you can now customize your favicon—the icon which appears in a browser tab or bookmark list—to match your site. This can help your viewers more easily recognize your site, and help you reinforce your branding.



Use our Help Center to find out how to add a custom favicon in the new Google Sites.

Launch Details 
Release track:
Launching to Rapid Release, with Scheduled Release coming in 2 weeks.

Editions: 
Available to all G Suite editions

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
All end users

Action: 
Change management suggested/FYI

More Information 
Help Center: Add or edit text & images


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Last year, we introduced a new resource for admins: What’s new in G Suite? Don’t forget to visit the page regularly for a list of the most recent launches across G Suite.

Feedback? Let us know.