Google Workspace is everything you need to get anything done, now in one place. Whether you're returning to the office, working from home, on the frontlines with your mobile device, or connecting with customers, Google Workspace is the best way to create, communicate, and collaborate. As hybrid work has become the norm, security, data privacy, and trust continue to be the foundation that make anywhere, anytime collaboration possible. Central to Google's security strategy are authentication, integrity, and encryption. As a next step in trusted collaboration Google launched new solutions in Google Workspace such as Client-side encryption, trust rules for Drive and Drive labels.
Client-side encryption for stronger privacy and data security
All data that we outsource to the cloud, both in our digital private lives and in our working environment, is a highly insecure matter. This is why end-to-end encryption or client-side encryption are so important for data protection.
Encryption is simply the process of encoding data so that only those with authorized access can read it. Client-side encryption is especially beneficial for organizations that store sensitive or regulated data, like intellectual property, healthcare records, or financial data. Using Client-side encryption choose a key access service partner from Flowcrypt, Futurex, Thales, or Virtru. Each of these partners have built tools in accordance with Google’s specifications and provide both key management and access control capabilities. Your chosen service partner holds the key to decode encrypted Google Workspace files, and Google cannot access or decipher these files without this key. With Client-side encryption, customer data is indecipherable to Google, while you can continue to take advantage of Google’s native web-based collaboration, access content on mobile devices, and share encrypted files externally.
Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between its facilities. With Client-side encryption you have direct control of encryption keys and the identity provider used to access those keys to further strengthen the security of your data. Client-side encryption will initially be available for Google Drive, Docs, Sheets, and Slides, with support for multiple file types including Office files, PDFs, and more. The beta of Client-side encryption is available for Google Workspace Enterprise Plus and Google Workspace Education Plus customers.
Trust rules for Drive for more control over secure collaboration
Because sharing ideas and information is at the heart of trusted collaboration, it’s critical that you have the ability to powerfully and precisely manage your files. Trust rules is a new security feature which allows admins to set fine-grained rules defining whom their users can collaborate with in Drive, both within and outside of their organization. Trust rules will replace the existing “Sharing options” in the Google Drive admin controls. Specific rules can even be set for organizational units and groups, allowing a more granular approach than enforcing blanket policies on every user.
The beta for trust rules for Drive will be rolling out in the coming months and will be available for Google Workspace Enterprise and Google Workspace Education Plus customers.
Drive labels for enhanced data loss prevention and classification
Labels are metadata you define to help users organize, find, and apply policy to items in Drive, Docs, Sheets, and Slides. With Drive labels, users can classify files stored in Google Drive to help ensure they’re handled correctly. Drive labels are useful for many common workplace scenarios for organizing files, including record management, classification, structured finding, workflow, reporting, auditing, and more.
Drive labels integrates with Google Workspace’s data loss prevention (DLP) capabilities so admins can set rules at the appropriate sensitivity level. If users forget to classify content on their own, files can be classified automatically based on administrator defined DLP rules. Both manual and automated labels can be used with DLP to prevent external sharing, downloading, and printing of some files. Google is also adding 60 new content detectors, including resumes, SEC filings, patents, and source code.
Drive labels is now available in beta for Google Workspace Business Standard, Google Workspace Business Plus, Google Workspace Enterprise, Google Workspace for Education Standard, and Google Workspace Education Plus customers.
New phishing and malware content protection for Google Drive
The built-in protections in Google Drive that help block phishing and malware content from external users and organizations are available for all Google Workspace customers. Google also enable all Google Workspace admins to implement this protection for content within their organizations, helping to safeguard against insider threats and user error. If abusive content is found, the relevant file is flagged and made visible only to admins and the file’s owner. This prevents sharing and reduces the number of users potentially impacted by the abusive content.
If you are interested in Google’s new collaboration solutions I Google Workspace read the article “Google Workspace delivers new levels of trusted collaboration for a hybrid work world” here.
There is no going back to the work model that prevailed before the pandemic. Hybrid work is the new normal organizations need to be able to provide to their employees, as Microsoft’s work trend index summarized in March. Azure Virtual Desktop is one of the solutions Microsoft provide for organizations on this journey. Using Azure Virtual Desktop enables a secure, remote desktop experience from anywhere, helping companies build resilience as they adapt to working in new ways. To help seamlessly deploy Azure Virtual Desktop, it’s important to understand the prerequisites and the four steps required: Plan-Prepare- Deploy-Optimize.
Tvrtke premještaju ključne aplikacije i radna opterećenja u oblak, povećavajući tako sigurnost, pouzdanost i učinkovitost. Istovremeno, rad na daljinu i hibridni rad i dalje su norma s obzirom na to da 55 % zaposlenika preferira takve oblike radnog okruženja. Azure virtualna radna površina nudi uređenu infrastrukturu virtualne radne površine kojom je lako upravljati,sigurna je i isplativa, a pruža i besprijekorno iskustvo koje se može usporediti s prijenosnim ili stolnim računalom. U ovom smo članku pripremili sažetak prednosti Azure virtualne radne površine te vam donosimo primjere iz stvarnog života drugih koji su u svom poslovanju koristili Azure virtualnu radnu površinu.
Identitet, krajnje točke, aplikacije, mreža, infrastruktura i podaci važne su poveznice u
cjelokupnom lancu sigurnosnog modela nultog povjerenja (Zero Trust). Microsoft podržava sigurnost nultog povjerenja (Zero Trust) kroz višestruke slojeve obrane. Pogledajte šest sigurnosnih slojeva modela nultog povjerenja (Zero Trust) i kako ih obraniti.
Kod sigurnosnog modela nultog povjerenja (Zero Trust) radi se o provjerenom povjerenju, naime da biste vjerovali, najprije morate provjeriti. Sigurnosni model nultog povjerenja (Zero Trust) podrazumijeva visoku razinu provjere identiteta, potvrđuje usklađenost uređaja prije odobrenja pristupa te osigurava pristup isključivo ovlaštenim resursima u skladu s načelom najnižih povlastica. U ovom članku sažimamo temeljne elemente sigurnosnog modela nultog povjerenja (Zero Trust).