Tag Archives: Connected Workspaces

New ways to secure businesses in the cloud

From collaboration tools that accelerate productivity, to platforms that spur innovation, to AI-powered tools that drive better customer insights, the cloud is increasingly where we turn to transform businesses. It’s also where an increasing number of enterprises are turning to help protect their data and stay secure.

As Urs shared earlier this week, it’s been our belief from the beginning that if you put security first, everything else will follow. We continue to develop new ways to give our customers the capabilities they need to keep up with today’s ever-evolving security challenges. That’s why today we’re announcing more than 20 enhancements aimed to deepen and expand the control businesses have over their security environment. You can read all of our announcements in more detail on our posts covering Google Cloud Platform, G Suite and Chrome Enterprise updates. Here, we’d like to highlight three unique examples of our security functionality.

Unprecedented control to better protect your data

Google Cloud was designed, built, and is operated with security top of mind—from our custom hardware like our Titan chip, to data encryption both at rest and in transit by default. On top of this foundation, our customers have the freedom to deploy their own security controls based on their unique needs and the level of assurance they require. Today, we’re announcing VPC Service Controls to add to our broad set of protections.

Currently in alpha, VPC Service Controls help enterprises keep their sensitive data private while using GCP’s fully managed storage and data processing capabilities. Imagine constructing an invisible border around everything in an app that prevents its data from escaping, and having the power to set up, reconfigure and tear down these virtual perimeters at will. You can think of it like a firewall for API-based services on GCP. Well-defined VPC service controls can give admins a greater level of control to prevent data exfiltration from cloud services as a result of breaches or insider threats.

With this managed service, enterprises can configure private communication between cloud resources and hybrid VPC networks. By expanding perimeter security from on-premise networks to data stored in GCP services, enterprises can feel confident running sensitive data workloads in the cloud.

VPC Service Controls give admins even more precise control over which users can access GCP resources with Access Context Manager. Enterprises can create policies to grant access based on contextual attributes like user location, IP address and endpoint security status. These policies help ensure the appropriate level of protection is in place when allowing access to data in cloud resources from the internet.

Google Cloud is the first cloud provider to offer virtual security perimeters for API-based services with simplicity, speed and flexibility that far exceeds what organizations can achieve in a physical, on-premises environment.


Visibility into data risks, with actionable security insights


As use of cloud services continues to grow, clear visibility into an organization’s cloud footprint and the security status of its infrastructure is more important than ever. Businesses need the right data and actionable insights to stop threats before security incidents turn into damaging breaches. To that end, we’re announcing Cloud Security Command Center, currently in alpha.

Cloud Security Command Center is a security and data risk platform for GCP that helps enterprises gather data, identify threats and act on them before they result in business damage or loss. First, Cloud Security Command Center gives enterprises consolidated visibility into their cloud assets across App Engine, Compute Engine, Cloud Storage and Cloud Datastore. People can quickly understand the number of projects they have, what resources are deployed, where sensitive data is located, and how firewall rules are configured. With ongoing discovery scans, enterprises can view the history of their cloud assets to understand exactly what changed in their environment and act on unauthorized modifications.

Cloud Security Command Center also provides powerful security insights into cloud resources. For example, security teams can determine things like whether a cloud storage bucket is open to the internet or contains personally identifiable information, or whether cloud applications are vulnerable to cross-site scripting (XSS) vulnerabilities—to name just a few.

Finally, Cloud Security Command Center helps enterprises leverage and act on intelligence from Google and other leading security vendors. Administrators can identify threats like botnets, cryptocurrency mining and suspicious network traffic with built-in anomaly detection developed by the Google Security team, as well as integrate insights from vendors such as Cloudflare, CrowdStrike, Dome9, RedLock, Palo Alto Networks, and Qualys to help detect DDoS attacks, compromised endpoints, compliance policy violations, network intrusions and instance vulnerabilities and threats. With ongoing security analytics and threat intelligence, enterprises can better assess their overall security health in a central dashboard or through APIs, and immediately act on risks.

This is just one example of how we’re providing enterprises more visibility. Earlier this year, we announced the security center for G Suite, which provides security analytics and recommendations for our G Suite customers. Today we’re introducing additions to security center, including new charts which highlight phishing threats and suspicious device activity. You can read more about these improvements in our G Suite and GCP posts.

Transparency into how we interact with your data

Trust is paramount when choosing a cloud provider. We want to be as open and transparent as possible, allowing customers to see everything that happens to their data. Cloud Audit Logging helps answer the question of which administrators did what, where, when and why on your GCP projects.

And now, Access Transparency offers an immutable audit trail of actions taken by Google engineers and support whenever they interact with your content on GCP. Access Transparency builds on our already robust controls that restrict Google administrator activity to actions only with valid business justifications, such as responding to a specific ticket our customers have initiated or recovering from an outage.

Together, Cloud Audit Logs and Access Transparency Logs provide a more comprehensive view of admin activity in your cloud environment. We believe that trust is created through transparency, which is why we’re proud that GCP is the first to offer this level of visibility into cloud provider administrative activity.

What cloud security means for businesses

Today’s updates are just a few examples of how we’re making it easier and more secure for businesses to build and grow in the cloud—with many more still to come.

“Businesses’ path to cloud adoption relies heavily on trust; CEOs and CIOs need to feel comfortable that they are gaining significant benefit from the cloud without giving up control,” says Doug Cahill, Senior Analyst, ESG. “With these announcements, Google Cloud is continuing to provide more control and insight to customers—and commendable visibility into administrative activity within their cloud environments through Access Transparency—while offering them the peace of mind that many of the fundamental aspects of security are taken care of and constantly evolving along with the threat landscape.”

Customers like Credit Karma, Lahey Health, and Sanmina Manufacturing are working with Google Cloud to help secure their data.

“A strong security posture plays a critical role in helping us fulfill our mission of helping our members navigate the complex personal finance landscape through a predictive, data-driven recommendation system,” says Credit Karma Chief Technology Officer Ryan Graciano. “User trust is crucial to our business so security was hugely important when selecting a cloud provider. Google Cloud’s end-to-end approach met our high standards. This enables us to spend more time focusing on building the best products for our customers.”

We believe a more secure business landscape is better for everyone, and we’ll continue to develop ways to help businesses be more secure. For a closer look at all our security-related announcements today, read our in-depth posts on GCP, G Suite and Chrome Enterprise.

Source: Google Cloud


Google Cloud Next ’18—Registration now open!

Registration for Google Cloud Next ’18 isnow open—we hope you’ll join us July 24-26, 2018 at Moscone Center in San Francisco.

Each year at Next, we bring together a community of leaders, developers, and entrepreneurs to explore the ways we can build the future of the cloud, together. Join us to hear an inspiring line-up of industry innovators and Google executives including Diane Greene, CEO of Google Cloud.

Building on the energy of Next ‘17 with over 12,000 attendees, Next ‘18 will bring even more interesting keynotes, hundreds of hands-on learning opportunities, and 400 breakout and spotlight sessions on topics ranging from accessible machine learning to advances in security. We look forward to hearing from customers and partners building their businesses with Google Cloud Platform (GCP), G Suite, Maps and the latest technology across all of Google.

Space is limited, so we encourage you to secure your spot early and take advantage of the early-bird rate of $999, a savings of $500 off full-priced admission. You can learn more on the Next ’18 website.

We can’t wait to see you in July!

Source: Google Cloud


Security in the cloud

Security is one of the biggest issues of our time. Countless companies and governments have lost data because of security incidents. And just one breach could cost millions in fines and lost business—and most importantly, lose customer trust.

As a result, security is increasingly top of mind for CEOs and Boards of Directors. That’s why, this week, I’ll join Google Cloud CEO Diane Greene and many of our colleagues in New York, where we’ll meet with more than 100 CEOs to discuss security in the cloud.

At its most basic level, security is a human issue. Whether performed by individuals or organizations, cybersecurity attacks are ultimately carried out by people, regardless of motive.

Often these attacks rely on exploiting human nature, such as through phishing emails. And it’s people that they ultimately affect. By some accounts, 179 million personal records were exposed just in 2017 through data breaches.

And as a human issue, security is something we can tackle together.


Leveraging the cloud to protect against threats


Cloud providers offer a vast army of experts to protect against threats—one far larger than almost any internal team a company could invest in. In fact, if businesses were to go it alone, there wouldn’t be enough security professionals in the world to adequately protect every single company and their users.

In industries from financial services to healthcare to retail, companies are relying on the automation and scale offered by the cloud to protect their data and that of their customers—allowing their employees to focus on building their business. Many are coming to the same conclusion we have: In many cases, if you’re not moving to the cloud, you’re risking your business.

Take the CPU vulnerabilities that were disclosed in January, for example. These were major discoveries; they rocked the tech industry. But for the most part, cloud customers could go about their business. Here at Google Cloud, we updated our infrastructure through Live Migration, which required no reboots, no customer downtime, and did not materially impact performance. In fact, we got calls from customers asking if we had updated our systems to protect against the vulnerabilities—because they experienced no impact.

These won’t be the last security vulnerabilities to be uncovered; humans will never write perfect code. But the cloud makes it much easier to stay on top of them. The scale of the cloud security teams that find and mitigate emerging threats, the ability to update many systems at scale, and the automation to scan, update and protect users all contribute to cloud’s unique position to keep information and people secure.


Security at Google Cloud


Security has been paramount to Google from the very beginning. (I would know!) We’ve been operating securely in the cloud for almost 20 years, and we have seven apps with more than a billion users that we protect from threats every single day, and GCP itself connects to more than a billion IPs every day. We believe that security empowers innovation—that if you put security first, everything else will follow.

Security is in the details—and we pay attention at the most granular level. We were the first to introduce SSL email by default in 2010, we created the U2F security token standard in 2014, Chrome was the first browser to support post-quantum crypto in 2016, and in 2017 we introduced Titan, a purpose-built chip to establish hardware root of trust for both machines and peripherals on cloud infrastructure. These examples show the level of depth that we go into when thinking about security, and the role we take in pushing the industry forward to stay on top of evolving threats.

In addition, Google’s Project Zero team hunts for vulnerabilities across the internet, and have been behind the discoveries of “Heartbleed” as well as the recently-discovered “Spectre” and “Meltdown.” We also provide incentives to the security community to help us look for and find security bugs through our Vulnerability Reward Program.

We know how complex the security landscape is, and we’ve spent a lot of time thinking about how to solve this tough challenge. We’ve developed principles around security that define how we build our infrastructure, how we build our products, and how we operate.

For example, we believe it’s not enough to build something and try to make it secure after the fact. Security should be fundamental to all design, not bolted on to an old paradigm. That’s why we build security through progressive layers that deliver true defense in depth, meaning our cloud infrastructure doesn’t rely on any one technology to make it secure.

Now more than ever, it’s important for companies to make security an utmost priority and take responsibility for protecting their users. That’s true for Google too. At the end of the day, any organization is accountable to people above all, and user trust is crucial to business. If we don’t get security right, we don’t have a business.

That’s one of the reasons why I’m so passionate about cloud as a means to improve security. Google has always worked to protect users across the internet. With Google Cloud, we’re extending those capabilities to help businesses protect their users as well.

In the coming days, we'll share more about how we're pushing cloud security forward. Stay tuned.

Source: Google Cloud


Security in the cloud

Security is one of the biggest issues of our time. Countless companies and governments have lost data because of security incidents. And just one breach could cost millions in fines and lost business—and most importantly, lose customer trust.

As a result, security is increasingly top of mind for CEOs and Boards of Directors. That’s why, this week, I’ll join Google Cloud CEO Diane Greene and many of our colleagues in New York, where we’ll meet with more than 100 CEOs to discuss security in the cloud.

At its most basic level, security is a human issue. Whether performed by individuals or organizations, cybersecurity attacks are ultimately carried out by people, regardless of motive.

Often these attacks rely on exploiting human nature, such as through phishing emails. And it’s people that they ultimately affect. By some accounts, 179 million personal records were exposed just in 2017 through data breaches.

And as a human issue, security is something we can tackle together.

Leveraging the cloud to protect against threats

Cloud providers offer a vast army of experts to protect against threats—one far larger than almost any internal team a company could invest in. In fact, if businesses were to go it alone, there wouldn’t be enough security professionals in the world to adequately protect every single company and their users.

In industries from financial services to healthcare to retail, companies are relying on the automation and scale offered by the cloud to protect their data and that of their customers—allowing their employees to focus on building their business. Many are coming to the same conclusion we have: In many cases, if you’re not moving to the cloud, you’re risking your business.

Take the CPU vulnerabilities that were disclosed in January, for example. These were major discoveries; they rocked the tech industry. But for the most part, cloud customers could go about their business. Here at Google Cloud, we updated our infrastructure through Live Migration, which required no reboots, no customer downtime, and did not materially impact performance. In fact, we got calls from customers asking if we had updated our systems to protect against the vulnerabilities—because they experienced no impact.

These won’t be the last security vulnerabilities to be uncovered; humans will never write perfect code. But the cloud makes it much easier to stay on top of them. The scale of the cloud security teams that find and mitigate emerging threats, the ability to update many systems at scale, and the automation to scan, update and protect users all contribute to cloud’s unique position to keep information and people secure.


Security at Google Cloud

Security has been paramount to Google from the very beginning. (I would know!) We’ve been operating securely in the cloud for almost 20 years, and we have seven apps with more than a billion users that we protect from threats every single day, and GCP itself connects to more than a billion IPs every day. We believe that security empowers innovation—that if you put security first, everything else will follow.

Security is in the details—and we pay attention at the most granular level. We were the first to introduce SSL email by default in 2010, we created the U2F security token standard in 2014, Chrome was the first browser to support post-quantum crypto in 2016, and in 2017 we introduced Titan, a purpose-built chip to establish hardware root of trust for both machines and peripherals on cloud infrastructure. These examples show the level of depth that we go into when thinking about security, and the role we take in pushing the industry forward to stay on top of evolving threats.

In addition, Google’s Project Zero team hunts for vulnerabilities across the internet, and have been behind the discoveries of “Heartbleed” as well as the recently-discovered “Spectre” and “Meltdown.” We also provide incentives to the security community to help us look for and find security bugs through our Vulnerability Reward Program.

We know how complex the security landscape is, and we’ve spent a lot of time thinking about how to solve this tough challenge. We’ve developed principles around security that define how we build our infrastructure, how we build our products, and how we operate.

For example, we believe it’s not enough to build something and try to make it secure after the fact. Security should be fundamental to all design, not bolted on to an old paradigm. That’s why we build security through progressive layers that deliver true defense in depth, meaning our cloud infrastructure doesn’t rely on any one technology to make it secure.

Now more than ever, it’s important for companies to make security an utmost priority and take responsibility for protecting their users. That’s true for Google too. At the end of the day, any organization is accountable to people above all, and user trust is crucial to business. If we don’t get security right, we don’t have a business.

That’s one of the reasons why I’m so passionate about cloud as a means to improve security. Google has always worked to protect users across the internet. With Google Cloud, we’re extending those capabilities to help businesses protect their users as well.

In the coming days, we'll share more about how we're pushing cloud security forward. Stay tuned.

Source: Google Cloud


Keeping cloud entry points secure with Google Chrome Enterprise

When we introduced Chrome Enterprise last August, our aim was to provide a single solution that connected employees while giving admins the flexibility and control they needed to keep their businesses protected. Since then, security has only become more of a priority for enterprises. In fact, last year alone, 98% of businesses were affected by malware, and employee endpoints—like laptops, tablets, and smartphones—were increasingly the target of attacks.

Enterprise IT admins know this all too well. With hardware, firmware, browsers, apps and networks to protect, admins now face more risks than ever, while managing more devices than ever. We built our Chrome Enterprise ecosystem with this complex landscape in mind, and today we’re adding new enhancements and partnerships as we continue to make Chrome Enterprise the most secure endpoint solution for businesses in the cloud.

Here’s a look at how these updates can help protect businesses, and their data, at every cloud access point.

Offering more ways for businesses to manage their devices from a single unified management solution

For many businesses, managing a broad range of devices within one unified endpoint management solution is a necessity. Last year, we announced our first enterprise mobility management (EMM) partnership with VMware AirWatch, the first third-party solution with the capability to manage Chrome OS. Today, we’re expanding this with four new partnerships with EMM providers, which gives IT admins the ability to manage and implement security policies across their full fleet of devices from a single place.


  • Cisco Meraki offers a comprehensive set of solutions that includes wireless, switching, security, endpoint management, and security cameras, all managed through Meraki’s web-based dashboard interface.

  • Citrix XenMobile provides device and application management for comprehensive mobile security, and pairs well with other recent Citrix integrations.

  • IBM MaaS360 with Watson delivers a cognitive approach to unified endpoint management, enabling the management of endpoints, end users and everything in between.

  • ManageEngine Mobile Device Manager Plus (a division of Zoho Corp) is a unified endpoint management console for configuring, managing and securing mobile devices, desktops and apps.

With these partnerships in place, enterprises can pick the solution that fits their business best.

Helping enterprises manage Chrome OS alongside legacy infrastructure with more Active Directory enhancements

Building on our initial integration with Active Directory last August, we’ve added a number of enhancements to help admins manage Chrome OS alongside legacy infrastructure. Administrators can now configure managed extensions directly through Group Policy Objects. Users can authenticate to Kerberos and NTLMv2 endpoints on their local network directly from Chrome OS. We’re also expanding our support for common enterprise Active Directory setups like multiple domain scenarios. And we’ve improved our existing certificate enrollment flows with Active Directory Certificate Services (ADCS).

Continuing to deepen and expand management capabilities in Chrome Browser and Chrome OS

The less time IT has to spend on mundane, manual tasks means more time to focus on business critical projects. That’s why Chrome Enterprise was designed to give IT admins the ability to grant, manage and adjust user permissions at scale, with fewer repetitive tasks. Chrome Enterprise already lets admins fine tune more than 200 security policies and grant secure, authorized employee access to online resources, and we’re continuing to add additional controls to help. In recent months, we’ve added the following controls to help admins:


  • Per-permission extension blacklisting lets admins restrict access to extensions based on the permissions required, for example, extensions that require the use of a webcam. This allows admins to now authorize an employee’s access to more extensions in the Google Chrome Web Store but maintain fine-grained admin controls across web properties.

  • Sign-ins can be disabled from an outdated OS to help administrators comply with security policies that dictate how many versions behind their users are allowed to run on.

  • Admins can ensure that only managed devices can connect to their single sign-on servers by gating that access with device-wide certificates. These certificates effectively attest to the Chrome endpoint’s managed state.

  • Newly added support for automatic forced re-enrollment will now allow a Chrome device that has been wiped or recovered to re-enroll into the corporate domain without requiring administrator credentials. This will help ensure corporate devices remain enrolled without requiring any admin intervention.

With Chrome Enterprise, our focus is not only on Chrome OS, but how businesses use Chrome Browser across all their platforms. Last December we announced a number of security enhancements for Chrome Browser with the aim to help enterprises stay safe. We’ve now added  a policy that allows IT to require users to sign-in to Chrome Browser, ensuring security policies are applied to browsing sessions across platforms. And in the coming months, we’ll be adding enterprise reporting capabilities in Chrome Browser that give IT admins access to data about installed extensions, status of configured policies, telemetry data and much more. With this information, IT can better understand security status of each endpoint under their control.

Continually managing vulnerabilities to help businesses stay protected

All of today’s announcements help admins stay on top of their organization’s security, and these features are in addition to the benefits admins already get with Chrome Enterprise.

For example, keeping hardware up to date is one of the easiest ways IT admins can keep endpoints secure, yet it can also be one of the most time-intensive tasks in an admin’s day. That’s why we built Chrome OS so that it automatically deploys security updates to ensure all devices run the latest version of Chrome OS. Chrome Browser prevents exposure to phishing and malware, and if threats are detected on third-party apps, admins can uninstall apps remotely with managed Google Play.

The proactive protection, control, and endpoint management advantages offered by Chrome Enterprise are why companies such as Sanmina Corporation are deploying Chrome across their businesses.

“As a multinational manufacturing and supply chain company that makes everything from the electronics in your car to mission critical systems for aerospace and medical products, security is of the utmost importance to us,” said Manesh Patel, CIO of Sanmina. “Deploying Chrome OS and G Suite in our facilities all over the world has allowed us to transform our workforce and collaborate securely in the cloud. It gives us peace of mind to know that our data is secure, and allows us to focus on building world-class products."

More to come

In the coming weeks there’ll be additional blog posts that offer deeper looks into what these enhancements can mean for businesses. In the meantime, you can learn more about security in Chrome Enterprise on our website.

How Chrome Enterprise is helping healthcare companies provide better patient experiences

As Robert Reiss recently said in Forbes, “the only constant in healthcare is change.” The digital landscape in healthcare is no exception. While patient needs are increasing, pressures to keep costs down have mounted. On the technology front, stories about data breaches dominate the headlines. And yet the industry has come to increasingly realize it must use IT as a facilitator to deliver more and better care at a lower cost. For many organizations, the solution has been to move more workloads from traditional systems to the cloud.

One way many organizations have addressed this opportunity has been through the adoption of Chrome Enterprise and Chrome devices. Because it can be faster, more secure and integrated with critical virtualization solutions, Chrome OS has seen rapid adoption in the healthcare sector. Organizations like Middlesex Hospital and Chapters Health System are using Chrome Enterprise to provide a secure, future-proof entry point to the cloud, connecting their staff to data-driven systems so they can focus on what’s most important—delivering great patient care.

Bringing Chrome OS to healthcare organizations

From secure, self-service kiosks to shared nurse workstations, there are many ways Chrome OS can offer better experiences for staff, visitors and patients alike. And with a variety of formats and price points, Chrome devices have the flexibility to fit a broad range of use cases. Here are a few things the healthcare industry can do with Chrome Enterprise:


  • Free up staff from fixed workstations: By deploying Chromebooks, staff gets easy access to apps and virtualized clinical software no matter where they are. This access means they can spend less time at a desk and more time helping patients and providing excellent care.

  • Connected operations: Improving operational efficiency and making training more accessible with shared Chrome devices and cloud-based resources provides cost efficiencies for IT without compromising quality or data security.

  • Give patients more control: Self-serve kiosks with easy to manage digital signage can keep patients informed of appointment status or next steps in real-time.

Learn more about Chrome OS at HIMSS

This week at the HIMSS Health IT Conference, we'll be on hand to chat about our latest Chrome Enterprise solutions and technology partnerships, including a new collaboration between Healthcast, Citrix and Chrome OS that aims to provide a more secure and economical approach to data access.

QwickACCESS for Chrome devices, Healthcast’s unique proximity badge functionality, empowers healthcare professionals with a secure sign-on option that lets them quickly log in and out of devices with a simple tap of a proximity badge. The integration of QwickACCESS with Citrix XenDesktop provides staff with access to any electronic health record (EHR), non-EHR and legacy applications on Chrome OS using their proximity badge. This solution means staff can spend more time focused on patients, while IT leaders benefit from a system that improves security and compliance, reduces cost and contributes to a better patient experience.

Sridhar Mullapudi, VP of Product Management at Citrix, said of the new partnership: “In healthcare, we’re seeing rapid adoption of Chrome OS for its speed, security, simplicity and shareability, and for its tight integration with Citrix, the industry-leading virtual desktop solution in healthcare. By simplifying access management, the combination of Chrome OS, QwickACCESS and Citrix XenDesktop makes it easy to reduce productivity lags and resolve critical security and compliance issues."

Expanding security in cloud entry points for healthcare

Since announcing Chrome OS’s expanded endpoint management and controls in August, we’ve been working with our partner VMware to broaden our joint offering. At HIMMS, we’ll show the healthcare industry how they can securely access sensitive data and apps using a Chrome OS device such as a Chromebook. VMware’s Digital Clinical Workspace and Point of Care solutions, powered by their Horizon virtual desktops and applications platform, offer continuous access to clinical desktops and point-of-care applications with the freedom to work from anywhere. You can read more in their blog post.

To learn more about Chrome’s Citrix and Healthcast partnership, VMware’s offerings on Chrome OS, or other ways to bring Chrome Enterprise to healthcare, visit the Google Chrome Enterprise booth at HIMSS at booth # 2829, Level 2, Zone 2 20x40, or view the Connected Healthcare page.

Android Enterprise Recommended: Raising the bar of excellence for enterprise mobility

With more than 2 billion active devices worldwide, Android provides great choice and diversity for users and businesses alike. But with so many options available, enterprise IT organizations around the world often ask: “Which Android devices are right for my organization?”

Some of the top concerns we’ve heard from customers include the need for frequent security updates, reliable and consistent software experiences, and simplified device selection. To address these needs, we’re launching the Android Enterprise Recommended program, a Google-led global initiative that raises the bar of excellence for enterprise devices and services.

android enterprise recommended badge

Validated by Google

Android Enterprise Recommended establishes best practices and common requirements for devices and services, backed by a thorough testing process conducted by Google. Devices in the program meet an elevated set of specifications for hardware, deployment, security updates, and user experience to help organizations handle the most challenging and diverse business environments. In addition, OEMs in the program receive an enhanced level of technical support and training from Google.  

Some of the Android Enterprise Recommended requirements and best practices include:

  • Minimum hardware specifications for Android 7.0+ devices

  • Support for bulk deployment of Android devices including zero-touch enrollment

  • Delivery of Android security updates within 90 days of release from Google, for a minimum of three years

  • Availability of unlocked devices, direct from manufacturer or reseller

  • Consistent application experience in managed profiles and on managed devices  

  • The full list of Android Enterprise Recommended requirements can be found on our site.

With each new Android platform release, we will update the Android Enterprise Recommended program requirements, and continue to raise the bar to ensure we are delivering the best experience for our enterprise customers.

Android Enterprise Recommended devices

We're pleased to announce a number of market-leading devices at launch, including:

  • BlackBerry KEYone and Motion

  • Google Pixel, Pixel XL, Pixel 2, and Pixel 2 XL

  • Huawei Mate 10, Mate 10 Pro, P10, P10 Plus, P10 Lite, and P smart

  • LG V30 and G6

  • Motorola X4 and Z2

  • Nokia 8

  • Sony Xperia XZ1, XZ1 Compact, XZ Premium, XA2, and XA2 Ultra

You can expect more Android Enterprise Recommended devices to be added in the coming weeks and months. Throughout 2018, we will also be applying the Android Enterprise Recommended framework to additional partner types, including OEMs of “dedicated” and rugged devices, mobile carriers, enterprise mobility management (EMM) providers and systems integrators.

Mobility has been critical to digital transformation for enterprises. We have listened to our customers and partners, and believe that the Android Enterprise Recommended program will help simplify and add confidence to decision making, allowing global IT leaders to focus more on their core business. Together with our partners, we’ll continue to deliver devices and services to make our enterprise customers successful through enterprise mobility. We are excited to announce the start of this journey.

Learn more about the Android Enterprise Recommended program and how it can benefit your organization on our site.

Vertex helps customers simplify business tax prep with Chrome browser

Editor’s note: Today’s post is by Kong Yang, Technical Director of Enterprise Solutions for Vertex, which develops tax management solutions for business. Vertex uses Chrome browser to provide a fast and user-friendly platform for Vertex Enterprise, the company’s flagship tax product.

Anyone who’s filed a tax return knows how complex tax calculations can be. Every improvement Vertex makes to our products helps our customers simplify tax calculation and reporting, so they can file taxes and create reports faster. Vertex Enterprise, our tax technology platform, helps customers handle indirect tax data calculation and reporting through a single platform that can be used across all tax processes. By optimizing our products for Chrome browser, we ensure our customers have a secure and productive environment for calculating business taxes and running tax reports, so they can focus on analyzing results and making better business decisions.

One question we often hear from our customers is how we keep their data safe. Chrome browser supports the security headers we chose, including headers that help us block cross-site scripting attacks and add protocols for secure HTTP communications. By using these security headers, we can give our customers peace of mind about the privacy of their tax data. In addition, data in every Chrome browser tab is protected through sandboxing built right into the browser.

We don't hit technical limitations with Chrome browser, so we’re able to focus on other important tasks, like building new features and inspecting code in real time on the back end. This helps us troubleshoot customer issues. We can reproduce the precise problem or performance lag that’s happening on the customer side, and figure out very quickly how to fix errors. Our customers love it when we can resolve an issue just a few minutes after they report it to us.

We’ve received good feedback from customers using Chrome browser and Vertex. As Ryan Meas, Indirect Senior Tax Manager at Starbucks tells us, “Chrome browser makes it easy for us to use Vertex—everyone knows Chrome browser well since they often use it outside of work, so we know the adoption rate will be high.”

Our customers have high expectations that our products will simply work the way they’re supposed to, without glitches or slowdowns. We feel the same way about Chrome browser: in our experience, Chrome browser just works, no matter what new product features or updates we throw at it. By optimizing our platform for Chrome browser, we can focus on building products that make managing taxes easy, and our customers can focus on their businesses.

VMware puts its focus on Android enterprise

Over the last year, we’ve added a number of new features to Android's modern management modes to enhance security and simplify deployment for IT admins.

Our partners—leaders in the enterprise mobility ecosystem—haven’t been standing still either. We love to support and recognize the great work they’re doing to help customers adopt Android's latest capabilities.

For example, enterprise mobility management (EMM) partner VMware recently announced it’s shifting the default deployment model in the next major release of the VMware AirWatch console to Android enterprise. Customers that use AirWatch to manage their organization’s Android devices will benefit from our modern APIs that support the work profile and device owner mode.

As VMware notes on its blog, admins can trust the work profile to keep company data separate and secure on employees’ devices. Team members can turn off work apps for those times they want some work-life balance, while also gaining the assurance their personal data remains private. For companies that deploy their own devices, VMware and other partners support our strong and flexible tools for management.

We're excited to see partners like VMware help customers embrace the latest Android has to offer. For those interested, VMware has released a walkthrough guide, which is available in VMware TestDrive, that's a good place for customers to get started.

VMware’s transition to Android enterprise is a great example of how one of our partners is embracing the modern APIs and latest capabilities of our secure and flexible platform. We’re looking forward to seeing further innovations from our partners that will accelerate what businesses can accomplish with enterprise mobility.

What Google Cloud, G Suite and Chrome customers need to know about the industry-wide CPU vulnerability

Last year, Google’s Project Zero security team discovered a vulnerability affecting modern microprocessors. Since then, Google engineering teams have been working to protect our customers from the vulnerability across the entire suite of Google products, including Google Cloud Platform (GCP), G Suite applications, and the Google Chrome and Chrome OS products. We also collaborated with hardware and software manufacturers across the industry to help protect their users and the broader web.

All G Suite applications have already been updated to prevent all known attack vectors. G Suite customers and users do not need to take any action to be protected from the vulnerability.

GCP has already been updated to prevent all known vulnerabilities. Google Cloud is architected in a manner that enables us to update the environment while providing operational continuity for our customers. We used our VM Live Migration technology to perform the updates with no user impact, no forced maintenance windows and no required restarts.

Customers who use their own operating systems with GCP services may need to apply additional updates to their images; please refer to the GCP section of the Google Security blog post concerning this vulnerability for additional details. As more updates become available, they will be tracked on the the Compute Engine Security Bulletins page.

Finally, customers using Chrome browser—including for G Suite or GCP—can take advantage of Site Isolation as an additional hardening feature across desktop platforms, including Chrome OS. Customers can turn on Site Isolation for a specific set of websites, or all websites.

The Google Security blog includes more detailed information about this vulnerability and mitigations across all Google products.  

Source: Google Cloud