Google has recently announced updates to its Workspace productivity and collaboration suite that aim to enhance security for distributed workforces. By leveraging Google AI, the company is improving data loss prevention controls in Drive, implementing new zero-trust controls, enabling data classification in Drive, and automating sensitive information protection in Gmail.
With the rise of remote work and the need for seamless collaboration, SaaS suites like Workspace have become popular among organizations. However, this increased ease of sharing data also brings a higher risk of data theft or exposure. Employees may unintentionally or intentionally make sensitive information accessible to unauthorized parties or leave it vulnerable to threat actors.
To address these challenges, Workspace is taking several steps to enhance data loss prevention. The first step is accurately identifying and labeling sensitive information. With the help of Google AI, Workspace now has the ability to automatically classify and label data stored in Google Drive. This feature is currently in the preview stage. Administrators can then apply their own data loss prevention or context-aware access controls to enforce a zero-trust model. Google also offers assistance in training customers’ AI models.
Tim Ehrhart, the domain lead for information security at Roche, expressed his satisfaction with Workspace’s Context-Aware Access feature. He highlighted its ability to provide more flexibility in access policies, enabling the right people, applications, and data to have the appropriate level of access. Ehrhart stated that since implementing Context-Aware Access, Roche has been able to confidently use more of Google Workspace across a broader set of scenarios while ensuring the safety of their work.
In addition to data loss prevention, Google is also prioritizing data sovereignty controls. These enhancements give Workspace customers greater control over their data by enabling client-side encryption, ownership of encryption keys, and the option to choose where to store or process data. This is particularly useful for organizations with strict data protection regulations, such as those in the European Union. Google will also introduce additional security measures for administrators, including mandatory two-step verification and multiparty approval for sensitive actions.
Google Workspace encompasses popular SaaS applications like Drive, Gmail, Meet, Calendar, Docs, and Slides. The enhancements announced apply to both the enterprise and consumer versions of these applications. Although some features are still in the pilot stage, Google plans to release them in beta form by the end of the year.
By investing in security improvements for Workspace, Google aims to provide organizations with the confidence and tools they need to protect their sensitive data in distributed work environments. As remote work continues to be a prevalent model, it is crucial for companies to implement robust security measures. With its AI-driven capabilities and focus on data loss prevention, Workspace aims to address these security concerns and empower organizations to collaborate securely and efficiently.