Tag Archives: Other

Extending availability of Google Meet advanced features to all customers through September 30, 2020

What’s changing

Last month, we made our advanced Google Meet video-conferencing capabilities available at no cost to all G Suite Basic, Business, Education, and Nonprofit customers. We’re extending that availability to September 30, 2020, to ensure businesses, organizations, and educators continue their work during this crisis. See our previous post for more details on these features.

In addition, we’re dropping “Hangouts” from the Google Meet name. You’ll start to see this change reflected in the product and across resources over the next few weeks.

Who’s impacted

Admins and end users

Why it’s important

We hope this extension makes it easier for our customers to operate during this crisis. We also recognize that as work and learning are increasingly done from a distance, maintaining security and control across your organization is all the more critical. Check out our post on the G Suite blog to learn more about how Google Meet keeps your organization’s information safe.

Getting started

Admins: If you haven’t yet done so, enable Meet video calling for your organization. You can then turn on live streaming and recording.

  • G Suite Basic, Business, and Nonprofit customers: These advanced features are OFF by default and can be enabled at the domain, OU, or group level.
  • G Suite for Education customers: These advanced features are OFF by default and can be enabled at the domain, OU, or group level. Please see our FAQ in the Help Center for additional education-specific considerations when enabling Meet and these features.
  • G Suite Enterprise and Enterprise for Education customers: These features are already available in your domain and will continue to respect your current settings.

End users: Once enabled in the Admin console, end users can live stream and record meetings. Visit the Help Center to learn more about how to live stream and record a meeting.

Rollout pace


  • Free access to advanced features is available now to all G Suite customers.

Availability


  • Available to all G Suite customers.

Resources




Less secure app turn-off suspended until further notice

Last December, we announced that we’d be turning off less secure app (LSA) access to G Suite accounts, and that you should migrate to OAuth authentication instead. The first phase of the LSA turn-down was scheduled for June 15, 2020. As many organizations deal with the impact of COVID-19 and are now focused on supporting a remote workforce, we want to minimize potential disruptions for customers unable to complete migrations in this timeframe.

As a result, we are suspending the LSA turn-off until further notice. All previously announced timeframes no longer apply. 

This applies to all categories of applications and protocols outlined in our original blog post, including Google Sync for iOS Mail. We’ll announce new timelines on the G Suite Updates blog at a later date.

Despite these timing adjustments, Google does not recommend the use of any application that does not support OAuth. We recommend that you switch to using OAuth authentication whenever possible for your organization. OAuth helps protect your account by helping us identify and prevent suspicious login attempts, and allows us to enforce G Suite admin-defined login policies, such as the use of security keys. See our original blog post for details and instructions on migrating to OAuth

Getting started 


  • Admins: No action required. However, we do recommend switching to OAuth authentication. See our original blog post for details on migrating to OAuth.
  • End users: No end user impact.
  • Developers: Update your app to use OAuth 2.0 as soon as possible.

Experience the new Google Groups, launching in beta

What’s changing 

Later this year, we’ll replace the current Google Groups interface with a new experience. Starting today, you can sign up to try the new experience in beta, giving your organization early access to the new UI and a head start on the migration from classic Groups. Use this form to apply for the beta

Before applying, please carefully consider the “Additional details” below. Some features that currently exist in Groups will not be available in the beta. If your organization uses those features often, you may want to wait to try new Groups.

Who’s impacted 

Admins and end users

Why you’d use it 

The new Groups experience features a modern, fresh look and controls that are streamlined, intuitive, and consistent with other G Suite tools like Gmail. Participation in the beta will allow you to check out the new interface as soon as possible, provide feedback to Google, and prepare your users for future migration.

It’s important to note that we’re continuing to improve on the new Groups experience and some features that currently exist in classic Groups will not be available in the beta

Specifically, users in the new Groups beta won’t have access to the following features:
  • Collaborative inboxes
  • Tags and categories
  • Mobile browser experience for new Groups
  • Welcome messages above group conversations
  • Accessing moderated messages
For the complete list of features that will not be available in beta, see our Help Center.


Users will still be able to access features not available in beta features at any time by reverting back to classic Groups. To do so, you can click on the gear at the top right of the page and select “Visit classic Google Groups.” When opted into beta, users can switch between the beta version of Groups and Classic Groups as often as needed. If you feel this will be confusing or disruptive, however, you may not want to apply for the beta.


Reverting back to Classic groups from the New Groups beta

Reverting back to the New Groups beta from Classic Groups

Visit our Help Center for more information on the features available in the new Groups beta.

Additional details

We’ll roll out the new Groups experience in three stages:

  • Beta with the option to revert: If you apply for and are accepted into the beta, your users will be automatically transitioned to the new Groups experience with the option to revert back to the classic Groups UI at any time.
  • General availability (GA) with option to revert: Following the beta, we’ll introduce the new Groups experience to all G Suite customers. We’ll announce the specific date for this GA phase on the G Suite Updates blog at least two weeks in advance, and admins will have the option to control user access to the UI in the Admin console at that time. If an admin doesn’t take action, their users will see the new Groups experience when they visit groups.google.com. Users will have the option to revert back to classic Groups at any time.
  • Mandatory transition to new Groups: Later this year, all users will be migrated to new Groups, and they’ll no longer have the option to revert to classic Groups. Admins will not be able to prevent users from accessing the new Groups UI. We’ll announce the specific date for this transition on the G Suite Updates blog at least one month in advance.

Getting started

Admins:  
  • Complete this form to apply for the beta. You must be a super admin to qualify.
  • If you’re accepted into the beta, you’ll receive an email shortly before your domain is whitelisted. Once your domain is whitelisted, all users in your domain and subdomains will be migrated to the new Groups experience, but they’ll have the option to revert back to classic at any time. Once accepted into the beta, you can use this email template to communicate these changes to your users
  • Please note that it may take several weeks for your domain to be whitelisted into the beta.
End users:  
  • If your organization is accepted into the beta, you’ll automatically be transitioned to the new UI. You can revert back to classic Groups at any time.

Availability

  • Available to all G Suite customers

Resources


Update to Sheets API v4 migration timeline

Quick launch summary 

Earlier this year, we announced the retirement of the Sheets v3 API. At that time, we stated that you’d need to migrate any applications built on the v3 API to the v4 API by March 3, 2020 to ensure they continue working properly.

We’re extending our timeline to allow developers additional time to migrate their applications: 
  • Starting on April 9, 2020, the spreadsheet and spreadsheets.readonly scopes can no longer be used to list a user’s spreadsheets in the v3 API. 
  • On September 30, 2020, the remainder of the v3 API will be turned down.

For information on transitioning your apps, check out our migration guide.

What’s New in G Suite – January 2020


Check out the latest "What's New in G Suite" launch recap (pdf) for a roundup of all G Suite launches from January 2020.

Archive and translated versions (coming soon for January issue)

Stay up to date with G Suite launches

Manage Windows 10 devices through the G Suite Admin console

What’s changing 

We’re enabling enhanced desktop security for Windows with a new beta. This will allow you to manage and secure Windows 10 devices through the Admin console, just as you do for Android, iOS, Chrome, and Jamboard devices today. It will also enable SSO so users can more easily access G Suite and other SSO-enabled applications on Windows 10 devices.

With these new controls G Suite admins can:

  • Enable their organization to use existing G Suite account credentials to login to Windows 10 devices, and easily access apps and services with SSO 
  • Protect user accounts with anti-phishing, anti-hijacking, and suspicious login detection technologies 
  • Ensure that all Windows 10 devices used to access G Suite are updated, secure, and within compliance 
  • Perform admin actions, such as wiping a device and pushing device configuration updates, to Windows 10 devices from the cloud without specific network requirements 

Sign up for the beta here.

Who’s impacted 

Admins

Why you’d use it 

Automatic device registration, the ability to secure all of your devices in a single Admin console, and cloud-based policy and device configuration deployment will simplify device management and security for your organization. Additionally, the ability to remotely wipe devices can help increase your organization’s data security.

Additionally, this makes life easier for users by reducing the hurdles and logins needed to access applications and get work done. Users need to log in just once to their Windows 10 device using their G Suite login credentials, and they’ll be able to access Google apps and any other enterprise cloud applications with SSO enabled without further logins.

How to get started 




Additional details 


Set policies, push configurations to devices, and wipe devices as needed 

Admins can deploy policies and device configuration updates from the cloud, removing any network or other restraints for installing these updates on user devices. Policies and updates that can be applied by admins include BitLocker, Windows Update, and desktop customization. Additionally, admins can block or wipe devices if needed from the device page in the Admin console.



Availability 

G Suite editions 

  • Available to G Suite Enterprise, G Suite Enterprise for Education, and Cloud Identity Premium customers 
  • Not available to G Suite Basic, G Suite Business, G Suite for Education, G Suite for Nonprofits, and Cloud Identity Free customers 

Beta sign up 
Find more information and sign up for the beta here.

What’s New in G Suite – December 2019


Check out the latest "What's New in G Suite" launch recap (pdf) for a roundup of all G Suite launches from December 2019.

Archive and translated versions (coming soon for December issue)

Stay up to date with G Suite launches

Help your team get more out of G Suite with four new resources

We’ve launched four new ways to help your organization learn how to use G Suite and move to a more modern way of working.

  • The G Suite Welcome Center: The Welcome Center offers resources and a roadmap for users to get to know G Suite. This Center contains details on the Learning Center, help guides for each app, switching guides, our new Sheets Coursera course, and more.
  • The Hangouts Meet Starter Kit: The Kit helps drive change and encourage staff to migrate to Hangouts Meet. It includes:
    • Customizable email templates that admins can send to users about how to use Meet.
    • Tip sheets with adoption best practices, change management resources, and IT Admin Q&A to help manage the transition.
    • Printable posters and meeting room cards to drive Meet awareness and show your team how to use it.
  • G Suite for Power Users: This page contains resources specifically curated for advanced users so they can get even more out of G Suite.
  • G Suite Hack for power users: This training has five challenge tasks employees can complete at their own pace, giving them a fun way to learn about G Suite.

Stay up to date with G Suite launches

Turning off less secure app access to G Suite accounts

What’s changing 

Starting in June 2020, we’ll limit the ability for less secure apps (LSAs) to access G Suite account data. LSAs are non-Google apps that can access your Google account with only a username and password. They make your account more vulnerable to hijacking attempts. Instead of LSAs, you can use apps that support OAuth—a modern and secure access method.

This is most likely to impact users of legacy email, calendar, and contacts apps—see below for more details. We’ve also emailed your organization’s primary admin with details around this change. That email includes a list of users who are likely to be affected.

Access to LSAs will be turned off in two stages:

  • After June 15, 2020 - Users who try to connect to an LSA for the first time will no longer be able to do so. This includes third-party apps that allow password-only access to Google calendars, contacts, and email via protocols such as CalDAV, CardDAV and IMAP. Users who have connected to LSAs prior to this date will be able to continue using them until usage of all LSAs is turned off. 
  • After February 15, 2021 - Access to LSAs will be turned off for all G Suite accounts. 


This is a continuation of our previously announced process to limit access to less secure apps to protect G Suite accounts. See below for more details on the possible impact of this change, and some recommendations for change management with users of LSAs.

Who’s impacted 

End users

Why this matters 

Many users use non-Google apps, and give those apps permission to access G Suite data. For example, you may give the iOS mail app permission to see your work email. This provides users with more options, and helps users get work done in a way that works well for them.

When account access is provided through an LSA, it puts that account at risk of hijacking. That’s because LSAs provide a non-Google app access to your account through just a username and password, without any other authentication factor. If a bad actor got access to your username and password (for example, if you re-use the password on another site that is subject to a data breach), they could access your account data with just that username and password information through an LSA.

However, when account access is provided through OAuth, we get more details about the login and can validate it the same way we would with any other login to your account. This means we can better identify and prevent suspicious login attempts, preventing hijackers from accessing the account data even if they have your username and password. OAuth also helps us enforce G Suite admin defined login policies, such as the use of security keys, as well as other security controls such as whitelisting apps and offering scope-based account access.

As we’re constantly working to improve the security of your organization’s G Suite accounts, we’ve made the decision to remove LSA access by February 15, 2021. Given the many alternative apps and processes available which do use OAuth (outlined below), we hope that this won’t cause significant disruption while increasing your account security.

How to get started 


  • Admins: 
    • See the “Additional details” section below for more information and recommended actions. 
    •  See the email sent to your organization’s primary admin with a subject line of “Switch to apps that use secure OAuth access, as password-based access will no longer be supported” for a list of users who are likely to be affected by the change. 
  • End users: See the “User information and advice” section below for more details and recommended actions, or use our Help Center to learn more about less secure apps and your Google account


Additional details 

Admin and developer information 

Mobile device management (MDM) configuration - If your organization uses a mobile device management (MDM) provider to configure CalDAV, CardDAV, and Exchange ActiveSync (Google Sync) profiles, these services will be phased out according to the timeline below:

  • June 15, 2020 - MDM push of IMAP, CalDAV, CardDAV, and Exchange ActiveSync (Google Sync) will no longer work for new users. 
  • February 15, 2021 - MDM push of IMAP, CalDAV, CardDAV, and Exchange ActiveSync (Google Sync) will no longer work for existing users. Admins will need to push a Google Account using their MDM provider, which will re-add their Google accounts to iOS devices using OAuth. 


Scanners and other devices - No change is required for scanners or other devices using simple mail transfer protocol (SMTP) or LSAs to send emails. If you replace your device, look for one that sends email using OAuth.

Developer instructions - To maintain compatibility with G Suite accounts, update your app to use OAuth 2.0 as a connection method. To get started, follow our developer guide on using OAuth 2.0 to access Google APIs. You can also refer to our guide on OAuth 2.0 for mobile & desktop apps


End User information and advice 

If you are using an app that accesses your Google account with only a username and password, take one of the following actions to switch to a more secure method and continue to access your email, calendar, or contacts. If you do not take one of the following actions, when LSA access is discontinued after February 15, 2021, you will begin receiving an error message that your username-password combination is incorrect.

Email 

  • If you are using stand-alone Outlook 2016 or earlier, you can use G Suite Sync for Microsoft Outlook. Alternatively, move to Office 365 (a web-based version of Outlook) or Outlook 2019, both of which support OAuth access. 
  • If you are using Thunderbird or another email client, re-add your Google Account and configure it to use IMAP with OAuth. 
  • If you are using the mail app on iOS or MacOS, or Outlook for Mac, and use only a password to login, you’ll need to remove and re-add your account. When you add it back, make sure to choose Google as the account type to automatically use OAuth. 


Calendar

  • If you use CalDAV to give an app or device access to your calendar, switch to a method that supports OAuth. We recommend the Google Calendar app [Web/iOS/Android] as the most secure app to use with your G Suite account. 
  • If your G Suite account is linked to the calendar app in iOS or MacOS and uses only a password to login, you’ll need to remove and re-add your account to your device. When you add it back, select “sign in with Google” to automatically use OAuth. Read more

Contacts 

  • If your G Suite account is syncing contacts to iOS or MacOS via CardDAV and uses only a password to login, you’ll need to remove your account. When you add it back, select “sign in with Google” to automatically use OAuth. Read More
  • If your G Suite account is syncing contacts to any other platform or app via CardDAV and uses only a password to login, switch to a method that supports OAuth. 

Other less secure apps 

  • If you use other apps on iOS or MacOS that access your G Suite account information through only a password, most access issues can be resolved by removing then re-adding your account. When you add it back, make sure to select Google as the account type to automatically use OAuth. 
  • For any other LSA, contact your admin or ask the developer of the app you are using to start supporting OAuth. 
  • If the developer won’t update their app, you will need to switch to a client that offers OAuth.  


Helpful links 




Availability 

Rollout details - all domains 

  • After June 15, 2020 
    • Users who try to connect to an LSA for the first time will no longer be able to do so. This includes third-party apps that allow password-only access to Google calendars, contacts, and email via protocols such as CalDAV, CardDAV and IMAP. Users who have connected to LSAs prior to this date will be able to continue using them until usage of all LSAs is turned off. 
    • MDM configuration of CalDAV or CardDAV will no longer work for new users. 
  • After February 15, 2021 
    • Access to LSAs will be turned off for all G Suite accounts. 
    • MDM configuration of CalDAV and CardDAV will no longer work for existing users. All existing users will be required to re-add their Google accounts if they wish to sync contacts, calendar, or email. 

G Suite editions 
Applicable to all G Suite editions

On/off by default?
This feature will be ON by default and can’t be turned off.


Stay up to date with G Suite launches