Google Offers Advanced Protection Program for High Risk Individuals

If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.

At the root of this new program is the use of what Google calls a physical Security Key.  This requires the purchase of two token devices.  The first is the Feitian MultiPass FIDO Security Key for bluetooth connectivity to phones, tablets, and computers.  The second is the Yubico FIDO U2F Security Key.  You will need to purchase both of them.

The keys will replace any two-factor authentication options you are using now, such as Google Authenticator, Authy, or SMS and email messaging of 2FA codes.

Google is targeting this program at individuals are most often targeted by cyber-criminals and other attackers, and can benefit from the additional layers of security provided by APP.  Specifically:

  • Business leaders and C-level officers
  • Journalists
  • Political candidates, campaign managers and staff
  • High net-worth individuals
  • People leaving abusive relationships
  • Human rights defenders
  • Social activists
  • Environmental campaigners
  • Government officials

Additional protections cover issues such as:

  • Blocking fraudulent account access – This prevents attackers from phoning Google support for a password reset
  • Defence against phishing
  • Limiting data access to trusted apps – For some people this will present a problem, as Google will no longer support data sharing with third party apps.

There are some gotchas beyond the modest expense of purchasing your security keys.  They include:

  • No third party apps – Third party apps that need permission to access Gmail or Drive will see those permissions ended.
  • Browser restrictions – Will will only be able to use the Chrome browser to access signed in services such as Gmail, Photos, Documents, and so forth.
  • No iOS support – If you are using Apple services such as Apple Mail, Contacts, and Calendar, they are currently do not support Security Keys.  You would need to use Gmail and other Google apps on your iPhone, iPad, and Mac.

If you are one of the individuals listed above, this bears investigation on your part.  I will say, after reviewing this program I will not be setting it up for myself.  Seems a bit difficult and too many exclusions that would create problems for me.  I am going to continue to use a two-factor authentication smartphone app as my primary account security method.  For more detailed information please follow the links below

More information:

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.