Google Offers Advanced Protection Program for High Risk Individuals

If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.

At the root of this new program is the use of what Google calls a physical Security Key.  This requires the purchase of two token devices.  The first is the Feitian MultiPass FIDO Security Key for bluetooth connectivity to phones, tablets, and computers.  The second is the Yubico FIDO U2F Security Key.  You will need to purchase both of them.

The keys will replace any two-factor authentication options you are using now, such as Google Authenticator, Authy, or SMS and email messaging of 2FA codes.

Google is targeting this program at individuals are most often targeted by cyber-criminals and other attackers, and can benefit from the additional layers of security provided by APP.  Specifically:

  • Business leaders and C-level officers
  • Journalists
  • Political candidates, campaign managers and staff
  • High net-worth individuals
  • People leaving abusive relationships
  • Human rights defenders
  • Social activists
  • Environmental campaigners
  • Government officials

Additional protections cover issues such as:

  • Blocking fraudulent account access – This prevents attackers from phoning Google support for a password reset
  • Defence against phishing
  • Limiting data access to trusted apps – For some people this will present a problem, as Google will no longer support data sharing with third party apps.

There are some gotchas beyond the modest expense of purchasing your security keys.  They include:

  • No third party apps – Third party apps that need permission to access Gmail or Drive will see those permissions ended.
  • Browser restrictions – Will will only be able to use the Chrome browser to access signed in services such as Gmail, Photos, Documents, and so forth.
  • No iOS support – If you are using Apple services such as Apple Mail, Contacts, and Calendar, they are currently do not support Security Keys.  You would need to use Gmail and other Google apps on your iPhone, iPad, and Mac.

If you are one of the individuals listed above, this bears investigation on your part.  I will say, after reviewing this program I will not be setting it up for myself.  Seems a bit difficult and too many exclusions that would create problems for me.  I am going to continue to use a two-factor authentication smartphone app as my primary account security method.  For more detailed information please follow the links below

More information:

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment