If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.
At the root of this new program is the use of what Google calls a physical Security Key. This requires the purchase of two token devices. The first is the Feitian MultiPass FIDO Security Key for Bluetooth connectivity to phones, tablets, and computers. The second is the Yubico FIDO U2F Security Key. You will need to purchase both of them.
Google is targeting this program at individuals who are most often targeted by cyber-criminals and other attackers, and who can benefit from the additional layers of security provided by the Advanced Protection Program (APP). Specifically:
- Business leaders and C-level officers
- Political candidates, campaign managers and staff
- High net-worth individuals
- People leaving abusive relationships
- Human rights defenders
- Social activists
- Environmental campaigners
- Government officials
Additional protections cover issues such as:
- Blocking fraudulent account access – This prevents attackers from phoning Google support for a password reset
- Defence against phishing
- Limiting data access to trusted apps – For some people this will present a problem, as Google will no longer support data sharing with third party apps.
There are some gotchas beyond the modest expense of purchasing your security keys. They include:
- No third party apps – Third party apps that need permission to access Gmail or Drive will see those permissions ended.
- Browser restrictions – You will only be able to use the Chrome browser to access signed-in services such as Gmail, Photos, Documents, and so forth.
- No iOS support – If you are using Apple services such as Apple Mail, Contacts, and Calendar, they currently do not support Security Keys. You would need to use Gmail and other Google apps on your iPhone, iPad, and Mac.
If you are one of the individuals listed above, this bears investigation on your part. I will say, after reviewing this program I will not be setting it up for myself. Seems a bit difficult and too many exclusions that would create problems for me. I am going to continue to use a two-factor authentication smartphone app as my primary account security method. For more detailed information, please follow the links below:
- Google Advanced Protection Program
- Sophos Naked Security
- Feitian MultiPass FIDO Security Key
- Yubico FIDO U2F Security Key