"Google Workspace Introduces New AI-Powered Security Controls"

Google recently introduced new AI-powered security controls for its Workspace customers, targeting zero trust, digital sovereignty, and threat defense.  Google stated that the new AI-powered zero trust capabilities are meant to provide organizations with more granular control over how data is accessed and used.  Google noted that to ensure data protection and prevent inappropriate sharing of data in Google Drive, Google AI can now be used to automatically and continuously classify and label new and existing files and then apply necessary controls based on the organization’s security policies.  Later this year, Gmail will receive enhanced DLP controls to improve control over the sharing of sensitive information, both inside and outside the organization.  Google also announced new digital sovereignty controls to help prevent unauthorized access to sensitive data, storing encryption keys, selecting where data is processed, and limiting Google support access.  To prevent third-party access to sensitive data, Google is introducing new client-side encryption (CSE) improvements, such as generally available support of mobile apps in Google Calendar, Gmail, and Meet, or the ability to view, edit, or convert Excel files.  To improve protections against account takeover, later this year, the internet giant will make two-step verification (2SV) mandatory for select administrator accounts of resellers and largest enterprise customers and will enable multi-party approval for sensitive administrator actions.  Google also announced the availability of automated protections for sensitive actions in Gmail, including filtering and forwarding and the ability to export Workspace logs into Chronicle.

SecurityWeek reports: "Google Workspace Introduces New AI-Powered Security Controls"