Monthly Archives: May 2017

Keeping your company data safe with new security updates to Gmail

Keeping company data secure is priority one, and that starts with protecting the tools that your employees use every day. We’re constantly adding security features to help businesses stay ahead of potential threats, and are excited to announce new security features for Gmail customers, including early phishing detection using machine learning, click-time warnings for malicious links, unintended external reply warnings and built-in defenses against new threats.

New machine learning models in Gmail to block phishing

Machine learning helps Gmail block sneaky spam and phishing messages from showing up in your inbox with over 99.9 percent accuracy. This is huge, given that 50-70 percent of messages that Gmail receives are spam. We’re continuing to improve spam detection accuracy with early phishing detection, a dedicated machine learning model that selectively delays messages (less than 0.05 percent of messages on average) to perform rigorous phishing analysis and further protect user data from compromise.

Our detection models integrate with Google Safe Browsing machine learning technologies for finding and flagging phishy and suspicious URLs. These new models combine a variety of techniques such as reputation and similarity analysis on URLs, allowing us to generate new URL click-time warnings for phishing and malware links. As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time.
Gmail security - still

New warnings for employees to prevent data loss 

When employees are empowered to make the right decisions to protect data, it can improve an enterprise’s security posture. To help with this, Gmail now displays unintended external reply warnings to users to help prevent data loss. Now, if you try to respond to someone outside of your company domain, you’ll receive a quick warning to make sure you intended to send that email. And because Gmail has contextual intelligence, it knows if the recipient is an existing contact or someone you interact with regularly, to avoid displaying warnings unnecessarily.

Gmail Security - GIF

Protecting your business with the latest security advancements

Security threats are constantly evolving and we’re always looking for ways to help people protect their data. With new built-in defenses against ransomware and polymorphic malware, Gmail now blocks millions of additional emails that can harm users. We classify new threats by combining thousands of spam, malware and ransomware signals with attachment heuristics (emails that could be threats based on signals) and sender signatures (already marked malware).

Outside of today’s updates, here are a few other security advancements we’ve made within Gmail to make sure you stay protected:

Whirlpool, PWC and Woolworths are just a few companies that rely on Gmail to securely collaborate. Learn more.

Source: Gmail Blog


Keeping your company data safe with new security updates to Gmail

Keeping company data secure is priority one, and that starts with protecting the tools that your employees use every day. We’re constantly adding security features to help businesses stay ahead of potential threats, and are excited to announce new security features for Gmail customers, including early phishing detection using machine learning, click-time warnings for malicious links, unintended external reply warnings and built-in defenses against new threats.

New machine learning models in Gmail to block phishing

Machine learning helps Gmail block sneaky spam and phishing messages from showing up in your inbox with over 99.9 percent accuracy. This is huge, given that 50-70 percent of messages that Gmail receives are spam. We’re continuing to improve spam detection accuracy with early phishing detection, a dedicated machine learning model that selectively delays messages (less than 0.05 percent of messages on average) to perform rigorous phishing analysis and further protect user data from compromise.

Our detection models integrate with Google Safe Browsing machine learning technologies for finding and flagging phishy and suspicious URLs. These new models combine a variety of techniques such as reputation and similarity analysis on URLs, allowing us to generate new URL click-time warnings for phishing and malware links. As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time.
Gmail security - still

New warnings for employees to prevent data loss 

When employees are empowered to make the right decisions to protect data, it can improve an enterprise’s security posture. To help with this, Gmail now displays unintended external reply warnings to users to help prevent data loss. Now, if you try to respond to someone outside of your company domain, you’ll receive a quick warning to make sure you intended to send that email. And because Gmail has contextual intelligence, it knows if the recipient is an existing contact or someone you interact with regularly, to avoid displaying warnings unnecessarily.

Gmail Security - GIF

Protecting your business with the latest security advancements

Security threats are constantly evolving and we’re always looking for ways to help people protect their data. With new built-in defenses against ransomware and polymorphic malware, Gmail now blocks millions of additional emails that can harm users. We classify new threats by combining thousands of spam, malware and ransomware signals with attachment heuristics (emails that could be threats based on signals) and sender signatures (already marked malware).

Outside of today’s updates, here are a few other security advancements we’ve made within Gmail to make sure you stay protected:

Whirlpool, PWC and Woolworths are just a few companies that rely on Gmail to securely collaborate. Learn more.

Source: Gmail Blog


Keeping your company data safe with new security updates to Gmail

Keeping company data secure is priority one, and that starts with protecting the tools that your employees use every day. We’re constantly adding security features to help businesses stay ahead of potential threats, and are excited to announce new security features for Gmail customers, including early phishing detection using machine learning, click-time warnings for malicious links, unintended external reply warnings and built-in defenses against new threats.

New machine learning models in Gmail to block phishing

Machine learning helps Gmail block sneaky spam and phishing messages from showing up in your inbox with over 99.9 percent accuracy. This is huge, given that 50-70 percent of messages that Gmail receives are spam. We’re continuing to improve spam detection accuracy with early phishing detection, a dedicated machine learning model that selectively delays messages (less than 0.05 percent of messages on average) to perform rigorous phishing analysis and further protect user data from compromise.

Our detection models integrate with Google Safe Browsing machine learning technologies for finding and flagging phishy and suspicious URLs. These new models combine a variety of techniques such as reputation and similarity analysis on URLs, allowing us to generate new URL click-time warnings for phishing and malware links. As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time.
Gmail security - still

New warnings for employees to prevent data loss 

When employees are empowered to make the right decisions to protect data, it can improve an enterprise’s security posture. To help with this, Gmail now displays unintended external reply warnings to users to help prevent data loss. Now, if you try to respond to someone outside of your company domain, you’ll receive a quick warning to make sure you intended to send that email. And because Gmail has contextual intelligence, it knows if the recipient is an existing contact or someone you interact with regularly, to avoid displaying warnings unnecessarily.

Gmail Security - GIF

Protecting your business with the latest security advancements

Security threats are constantly evolving and we’re always looking for ways to help people protect their data. With new built-in defenses against ransomware and polymorphic malware, Gmail now blocks millions of additional emails that can harm users. We classify new threats by combining thousands of spam, malware and ransomware signals with attachment heuristics (emails that could be threats based on signals) and sender signatures (already marked malware).

Outside of today’s updates, here are a few other security advancements we’ve made within Gmail to make sure you stay protected:

Whirlpool, PWC and Woolworths are just a few companies that rely on Gmail to securely collaborate. Learn more.

Source: Google Cloud


Keeping your company data safe with new security updates to Gmail

Keeping company data secure is priority one, and that starts with protecting the tools that your employees use every day. We’re constantly adding security features to help businesses stay ahead of potential threats, and are excited to announce new security features for Gmail customers, including early phishing detection using machine learning, click-time warnings for malicious links, unintended external reply warnings and built-in defenses against new threats.

New machine learning models in Gmail to block phishing

Machine learning helps Gmail block sneaky spam and phishing messages from showing up in your inbox with over 99.9 percent accuracy. This is huge, given that 50-70 percent of messages that Gmail receives are spam. We’re continuing to improve spam detection accuracy with early phishing detection, a dedicated machine learning model that selectively delays messages (less than 0.05 percent of messages on average) to perform rigorous phishing analysis and further protect user data from compromise.

Our detection models integrate with Google Safe Browsing machine learning technologies for finding and flagging phishy and suspicious URLs. These new models combine a variety of techniques such as reputation and similarity analysis on URLs, allowing us to generate new URL click-time warnings for phishing and malware links. As we find new patterns, our models adapt more quickly than manual systems ever could, and get better with time.
Gmail security - still

New warnings for employees to prevent data loss 

When employees are empowered to make the right decisions to protect data, it can improve an enterprise’s security posture. To help with this, Gmail now displays unintended external reply warnings to users to help prevent data loss. Now, if you try to respond to someone outside of your company domain, you’ll receive a quick warning to make sure you intended to send that email. And because Gmail has contextual intelligence, it knows if the recipient is an existing contact or someone you interact with regularly, to avoid displaying warnings unnecessarily.

Gmail Security - GIF

Protecting your business with the latest security advancements

Security threats are constantly evolving and we’re always looking for ways to help people protect their data. With new built-in defenses against ransomware and polymorphic malware, Gmail now blocks millions of additional emails that can harm users. We classify new threats by combining thousands of spam, malware and ransomware signals with attachment heuristics (emails that could be threats based on signals) and sender signatures (already marked malware).

Outside of today’s updates, here are a few other security advancements we’ve made within Gmail to make sure you stay protected:

Whirlpool, PWC and Woolworths are just a few companies that rely on Gmail to securely collaborate. Learn more.

A new Gmail security feature that improves the early detection of phishing attempts for G Suite users

As part of Gmail's continued efforts to make email more safe and secure for our users, a new advanced security feature is being added to Gmail. Last year we announced the inclusion of security warnings when users attempt to access a dangerous site. With this new feature, we are improving the timeliness of phishing identification.

Delayed delivery of email messages with suspicious content

Phishing attempts follow a predictable pattern when you look at them in aggregate, and Gmail’s security experts have developed a new algorithm that flags and delays potentially suspicious messages.This selective delay facilitates additional checks on the content of the message prior to delivery and benefits from real time updates to the spam filter — as well as up to date phishing protection from Google’s Safe Browsing technology.

Considerations
  • Because Safe Browsing must test the results of the link, emails can be delayed by up to 4 minutes.
  • This feature is not a replacement for anti-malware/phishing software, and we do not recommend using it in place of your organization’s existing security software.

Opting out: This feature can be controlled from the Admin console, and is launching as as default On. If you do not wish to delay email to your users for any reason, you can disable the feature from the Admin console. Learn more

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1-3 days for feature visibility)

Impact:
Admins only

Hey Canada, get tappin’ this spring with Android Pay

T-shirt. Check. Flip flops. Check. Android phone. Check.

As Canadians exchange parkas and scarves for t-shirts and flip flops this spring, we have some news that may lighten their pockets, too. Whether you’re heading out to buy groceries or grabbing a cup of coffee with friends, now your Android phone is all you need to walk out the door.

Today, we’re beginning to roll out Android Pay across Canada to help you pay simply and securely in stores and in apps.

We’ll be rolling out support for top banks over the next several days, and this is just the beginning. We will continue to add even more features, banks and store locations in the coming months, making it even easier to pay with your Android phone.
Now, you’ll be able to use Android Pay at hundreds of thousands of shops across the country that accept contactless payments, like Tim Hortons, Loblaws, Petro-Canada, McDonald’s, Indigo, Pizza Pizza, Sears Canada and more, and in TELUS, Rogers, Fido and Freedom Mobile retail stores. Just tap with your phone as you would with your participating credit, debit or prepaid card. It’s that simple. 
You’ll also be able to breeze through checkout in your favourite apps, including Lululemon, Uber, Ritual, HotelTonight, and more. Just look for the Android Pay button, and say goodbye to entering your payment and address details each time you buy.
Android Pay also stores your gift cards, loyalty cards and special offers right on your phone.

How does Android Pay work?

Using Android Pay is simple. Just wake up your phone (you don’t even have to open an app or unlock it), hold it near the payment terminal, and voilà — your payment is done. After you check out, you’ll get helpful information on your phone about your recent transactions.
To get started, install the Android Pay app from the Google Play Store. It’s available on all Android devices that are NFC-enabled, supporting Google Play Services, and running on KitKat 4.4 or higher. Simply open, set up, and get tapping.

Over the next several days, Android Pay is rolling out with support from eligible Visa and MasterCard credit cards from BMO Bank of Montreal, CIBC, Banque Nationale, Scotiabank, Desjardins, President’s Choice Financial, ATB Financial, and Canadian Tire Financial Services in Canada, and prepaid Scotiabank and Desjardins cards. Support for Interac-branded debit cards will begin roll-out on Monday, and support for American Express cards and Tangerine is coming later this summer. You can add multiple eligible cards and select which card you want to use before you pay, so you can always enjoy the best deals available.
We've teamed up with many leading payment platforms, processors, and technology providers such as Moneris, Bambora, Chase, Cybersource, First Data, Global Payments, Paysafe, WorldPay and Stripe to make it even easier to accept Android Pay. Visit the Android Pay API developer site to learn more.
Happy shopping!

Gmail Administrators can now enable unintended external reply warnings to mitigate unintentional data loss

This release adds a new Gmail security feature to warn G Suite users when responding to emails sent from outside of their domain and not in their contacts. This feature can give enterprises protection against forged email messages, impersonation, as well as common user-error when sending mail to the wrong contacts.



How does it work?

  • When a user hits reply in Gmail, Google scans the recipient list, including addresses in CC and BCC. If a recipient is both external to the user’s organization and not present in their Contacts, we will display the warning.
  • We treat secondary domains and domain aliases like primary domains, so your users will not be warned when emailing users at your subdomains.
  • If the recipient is intended, the user can dismiss the warning and proceed with the response. We won’t show the warning again for that recipient.
  • Unintended external reply warning is controlled from the Admin console control in the Advanced Gmail settings and is launching default off. It can be toggled on or off by organizational unit or for your entire domain.


Launch Details
Release track:  
Launching to both Rapid and Scheduled release.

Rollout pace: 
Full rollout (1-3 days for feature visibility)

Impact: 
All end users

Action:
Change management suggested. The Help Center article below outlines the expected behavior, and can be used to help effectively communicate these changes to users.

More Information
Help Center: Unintended external reply warnings


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

Compute Engine updates bring Skylake GA, extended memory and more VM flexibility



We’re pleased to announce several updates to Google Compute Engine that give you more powerful and flexible instances. Google Cloud is the first and only public cloud to deliver Intel’s next-generation Xeon server processor (codenamed Skylake), and starting today, it’s generally available (GA). In addition, we’ve made several other enhancements to Compute Engine:
  • Increased total amount of memory per instance by removing memory caps
  • Increased variety of machine shapes
  • Simple process to select a baseline processor type
  • Availability of 64-core processors in all regions
  • Broadwell CPUs available in all regions
These improvements help you get the performance from Compute Engine that you need, in the configuration you want.

Skylake is generally available

With up to 64 vCPUs and 455GB of RAM, Skylake-based instances support a wide range of compute-intensive workloads, including scientific modeling, genomic research, 3D rendering, data analytics and engineering simulations. Since we first launched Skylake for Compute Engine in February, GCP customers have run millions of hours of compute on Skylake VMs, seeing increased performance for a variety of applications.

With this GA release, you can create new VMs with Skylake across Compute Engine’s complete family of VM instance types  standard, highmem, highcpu, Custom Machine Types, as well as Preemptible VMs. You can provision Skylake VMs using Cloud Console, the gcloud command line tool, or our APIs. Skylake is available in three GCP regions: Western US, Western Europe and Eastern Asia Pacific. Customer demand for Skylake has been very strong; we have more capacity arriving every day, and support for additional regions and zones coming in the near future.

To help you experience Skylake, we're offering Skylake VMs at no additional cost for a limited time. After a 60-day promotional period, Skylake VMs will be priced at a 6-10% premium depending on the specific machine configuration. Given the significant performance increase over previous generations of Intel processors, this continues our record of providing a leading price-performance cloud computing platform.

CPU platform selector

Google Cloud Platform (GCP) regions and zones are equipped with a diverse set of Intel Xeon-based host machines, with CPUs including Sandy Bridge, Ivy Bridge, Haswell, Broadwell and now Skylake microarchitectures. In addition to fundamental systems features like clock speed and memory access time, these CPU platforms also support unique features like AVX-2 and AVX-512.

Now, with our Minimum CPU Platform feature, you can select a specific CPU platform for VMs in that zone, and Compute Engine will always schedule your VM to that CPU family or above. You can assign a minimum CPU platform to a VM from the Cloud Console, Google Cloud SDK, or API, with full flexibility to choose the CPU features that work best for your applications.

Enabling this enhanced flexibility also allows us to now offer Broadwell CPU support in every region, as well as the ability to create VMs up to 64 vCPUs in size.
In the gcloud command line tool, use the instances create subcommand, followed by the --min-cpu-platform flag to specify a minimum CPU platform.

For example, the following command creates an n1-standard-1 instance with the Intel Broadwell (or later) CPU platform.

gcloud beta compute instances create example-instance --machine-type 
n1-standard-1 --min-cpu-platform “Intel Broadwell”

To see which CPUs are available in different GCP zones, check our Available Regions and Zones page. For complete instructions for using --min-cpu-platform, please refer to our documentation.

Extended memory, where you want it

Compute Engine Custom Machine Types allow you to create virtual machines with the vCPU and memory ratios to fit your application needs. Now, with extended memory, we’ve removed memory ratio restrictions for a vCPU (previously set at 6.5GB), for a maximum of 455GB of memory per VM instance. This is great news for applications like in-memory databases (e.g. Memcached & Redis), high-performance relational databases (e.g. Microsoft SQL Server) and NoSQL databases (e.g. MongoDB) that benefit from flexible memory configurations to achieve optimum price-performance. To learn more about the pricing for extended memory please take a look at our pricing page.

You can create a VM with extended memory using the Cloud Console, Cloud SDK or APIs.


For example, this command creates a 2 vCPU, 15GB memory instance (including an extended memory of 2GB):

gcloud beta compute instances create example-instance 
--custom-cpu 2 --custom-memory 15 --custom-extensions

Complete instructions for using extended memory are available in our documentation.

Get started today

The minimum CPU platform selector, extended memory to 455GB, availability of 64-core machines, Broadwell processors in all regions and the GA of Skylake processors are now all available for you and your applications. If you’re new to GCP you can try all of this out when you sign up for $300 free trial. We’d love to hear about the amazing things you do with these Compute Engine enhancements in the comments below.

Upcoming change: Admins now have more control over Profile fields, and changes to the Contacts On/Off setting

On June 26, 2017, we’re releasing some changes that will bring user profile management under the direct control of G Suite admins, starting with the Name, Photo, Gender, and Birthday fields. Whereas end users could previously only edit these fields if they had upgraded to Google+, these new controls let admins decide which profile fields can be edited by end users, independent of Google+ status. Additionally, we are renaming the Contacts setting to Directory in order to better describe the functionality and, as such, the Contacts on/off setting within it will be removed.

More about this change

If you want to enable or disable your users’ ability to modify their Name, Photo, Gender, or Birthday, you can now do so from the Admin console. You will continue to be able to set these fields directly yourself where supported in the Admin console, or sync values using Google Cloud Directory Sync.




Profile editability can be toggled for your entire domain or by organizational unit (OU).

Editability settings are respected across Google. Once editability is enabled, your users can modify their profile information from My Account, About Me or other surfaces where profile editing is supported. If editing is disabled, users will be directed to you, the administrator, if they need to make changes.



This is the first in several launches that will grant admins better control over the editability of user profile data. Stay tuned for additional profile, directory, and contact management improvements in the future.

Service setting for Contacts On/Off: As part of this launch, we are removing the Contacts service on/off setting from the Admin console starting on June 26, 2017. Today, this setting only controls access to the Web contacts manager at contacts.google.com. It does not control any other user access to contacts, such as the contacts manager in Gmail, the Contacts Preview, API access to contacts, or the Directory functionality.

Once the Contacts on/off setting is removed from the Admin console, we will retain the the Web contacts manager on/off preference you’ve already specified. Please review whether this setting needs to be changed, and if so, make such change in the admin console before June 26, 2017 if required.
You can review your own Admin console settings from the Admin console.

Contacts on/off controls access to
Contacts on/off does not control access to
Web Contacts Manager at contacts.google.com
  • Web Contacts embedded in Gmail
  • Web Contacts Preview
  • API access to contacts
  • Directory functionality, including autocomplete

When Contacts Preview eventually replaces the current Web contacts manager, the setting will no longer have any effect, and will be fully deprecated.

Default editability settings: At launch, editability behavior will be consistent with pre-launch behavior. For example, if Google+ was disabled for an Organizational Unit, which restricted editing pre-launch, then your editability settings will be “off”, not allowing users to edit their name, gender, photo, or birthdate. For domains with Google+ enabled, we will respect and migrate over the name editability control that existed in the Google+ settings. This design choice was made to keep the impact to your domain minimal, giving you flexibility for when you’d like to make changes.

Current OU/User status
Profile editing default
G+ enabled, name editing disabled
Name editing disabled. Other fields enabled.
G+ enabled, name editing enabled
Editing enabled
G+ disabled
Editing disabled
Newly created domain after launch
Birthdate editing enabled. Other fields disabled.


Special behavior for Education domains: Education domains will not have an editability control for birthdate. For those domains, birthdate will never be editable by end users, except in the Google+ upgrade flow, if Google+ has been enabled.
Special behavior for domains with existing profile photos: Some domains have users with profile photos, despite not having G+ enabled. Those domains will have photo editability enabled on launch, in order to not interfere with existing photos. Admins may change the setting after launch.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release on June 26 2017
Editions:
Available to all G Suite editions
Rollout pace:
Full rollout (1-3 days for feature visibility)
Impact:
Admins and all end users
Action:
Change management suggested/FYI

More Information
Help Center: Managing directory profile changes


Launch release calendar
Launch detail categories
Get these product update alerts by email
Subscribe to the RSS feed of these updates

How automatic Chrome OS updates bolster security with ease and simplicity

IT admins have a challenging role, charged with securing corporate assets while providing employees with tools that are fast, intuitive and accessible from anywhere. Chrome OS is designed and built with security at its core, from Trusted Platform Module (TPM) chips on all hardware, sandboxing of software, and Chrome browser security, endpoints across your organization are secure from boot to shutdown.

The multiple security layers of Chrome OS work together as part of a cohesive security approach, including automatic updates to provide protection on a recurring basis without disrupting your work. Today we’re sharing a closer look at how automatic Chrome OS software updates maintain ongoing security of the platform and devices.

Unlike most other computing platforms, Chrome OS devices always have two images of the system software on separate partitions. This approach serves two purposes. First, there’s no disruption to your work because you can keep working while the backup version is updated. Second, the next time the Chrome OS device boots, which typically takes just 6 to 10 seconds, it runs from the recently updated partition. Essentially, Chrome OS swaps between the two images. That means there’s no waiting for the updates to be applied: You can be up and running in just seconds with new software.

This not only keeps you working, but it can also reduce IT admin support costs. Instead of admins and tech support resources trying to schedule or manually push out software updates to a large number of machines, quick automatic updates happen without disruption.

Major version updates for Chrome OS are available every six weeks on average, though minor improvements are are sometimes available sooner. And important security patches can be pushed in 24 to 48 hours if required. These updates happen automatically in the background and are applied seamlessly to the backup partition. Additionally, all software updates are provided and pushed directly from Google, so there’s no third-party intermediary involved, further helping to speed the delivery of Chrome OS updates.

Chrome OS automatic updates are one of several security layers that protect your devices and data. The updates work hand in hand with the Chrome OS Verified Boot feature to ensure that the system software hasn’t been compromised; if Verified Boot detects software tampering, it forces a reboot into the backup partition of the system software.

To learn more about the benefits of automatic updates and Chrome OS security features, register and join us on June 7 for a Chrome OS Security webinar.