Google Offers Advanced Protection Program for High Risk Individuals

If you are a high risk or high net worth user of Google’s popular Gmail platform, Google Drive, or other Google services such as YouTube or Google Analytics, Google has come up with an advanced security program for you.

At the root of this new program is the use of what Google calls a physical Security Key.  This requires the purchase of two token devices.  The first is the Feitian MultiPass FIDO Security Key for bluetooth connectivity to phones, tablets, and computers.  The second is the Yubico FIDO U2F Security Key.  You will need to purchase both of them.

The keys will replace any two-factor authentication options you are using now, such as Google Authenticator, Authy, or SMS and email messaging of 2FA codes.

Google is targeting this program at individuals are most often targeted by cyber-criminals and other attackers, and can benefit from the additional layers of security provided by APP.  Specifically:

  • Business leaders and C-level officers
  • Journalists
  • Political candidates, campaign managers and staff
  • High net-worth individuals
  • People leaving abusive relationships
  • Human rights defenders
  • Social activists
  • Environmental campaigners
  • Government officials

Additional protections cover issues such as:

  • Blocking fraudulent account access – This prevents attackers from phoning Google support for a password reset
  • Defence against phishing
  • Limiting data access to trusted apps – For some people this will present a problem, as Google will no longer support data sharing with third party apps.

There are some gotchas beyond the modest expense of purchasing your security keys.  They include:

  • No third party apps – Third party apps that need permission to access Gmail or Drive will see those permissions ended.
  • Browser restrictions – Will will only be able to use the Chrome browser to access signed in services such as Gmail, Photos, Documents, and so forth.
  • No iOS support – If you are using Apple services such as Apple Mail, Contacts, and Calendar, they are currently do not support Security Keys.  You would need to use Gmail and other Google apps on your iPhone, iPad, and Mac.

If you are one of the individuals listed above, this bears investigation on your part.  I will say, after reviewing this program I will not be setting it up for myself.  Seems a bit difficult and too many exclusions that would create problems for me.  I am going to continue to use a two-factor authentication smartphone app as my primary account security method.  For more detailed information please follow the links below

More information:


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.