Honestly, I’m surprised by how little companies seem to mention the Google Advanced Protection Program. As hybrid and flexible work continues to revolutionize the office, there’s a growing focus on security, privacy, and compliance.
We know that the hybrid work model has benefits, from lower operating costs to greater employee engagement. However, a distributed workforce also has challenges.
Even with firewalls, extensive employee training, and secure access controls, even the most tech-savvy employees can easily be caught off guard by sophisticated cyberattacks.
Google’s “Advanced Protection Program” promises hybrid teams an extra layer of security. It was designed to defend anyone who works with, shares, or stores sensitive information on the web. So, what exactly does it do, and how can you enroll? Here’s what you need to know.
What is the Google Advanced Protection Program?
The Google Advanced Protection program is a free service from Google that offers instant access to additional security measures related to app permissions, web browsing, and phishing protection. Oddly enough, Google hasn’t drawn much attention to this program.
I had to specifically search through Google’s security documentation to find out what the solution could offer. While this isn’t a brand-new offering from Google, I do think it’s starting to earn more attention from companies as hybrid work continues to grow in popularity.
Although you’ll still need to invest in your own security strategy (even with Google’s service), this service certainly seems to kick security up a notch. Not only is it free (aside from the price you need to pay for a security key), but it’s constantly evolving too.
According to Google, new protections are automatically added to the system all the time as the threat landscape evolves. Notably, anyone can enroll in this service too. You don’t need a specific Google Workspace account, and you can even use your existing account, provided your admin has enabled Advanced Protection as an option.
What Does the Google Advanced Protection Program Do?
Google describes the “Advanced Protection Program” as its most advanced account security solution for individuals who use the web to share and store data. It’s basically a kit of tools built to safeguard users who deal regularly with sensitive information, like customer data or intellectual property.
Although there are various components to the program, the program focuses primarily on three things:
Protecting Accounts from Phishing Attacks
According to the UK government, phishing is now the most common form of cyber threat companies face. Around 84% of businesses have been exposed to a phishing attack, as of 2024. Worldwide, phishing attacks have become a significant issue. That’s particularly true now that criminals can use generative AI to create more convincing messages and scams.
With the Google Advanced Protection Program, you gain access to Google’s most advanced phishing protection. According to the company, while Gmail blocks more than 100 million phishing attempts every day, sophisticated tactics often trick the most technically savvy users.
Since Advanced Protection requires the use of a security key or passkey to verify your identity, it makes it less likely other people will be able to access your account via phishing. Sure, using a passkey means it takes a little more work to log into your account, but it’s one of the best ways to protect your data from unauthorized users – even those who know your password and username.
Defense Against Harmful Downloads
Malware, ransomware, and other dangerous, downloadable files are everywhere. Most of us know we should never click on links or download files from unknown senders.
But what happens when you receive a file from someone who seems legitimate, like the Microsoft account team? Sometimes, your email service provider can identify risky files for you. However, it’s not just emails that contain dangerous content.
Visiting a specific site and clicking on an ad or button can instantly put your device at risk. The Google Advanced Protection Program helps to eliminate these threats. Building on top of the “Safe Browsing” feature from Chrome, Advanced Protection performs stringent checks before downloading anything. It flags and even blocks downloads of potentially harmful files.
Keeping your Personal Information Secure
How much data do you store on your Google Drive? Mine is packed full of details I don’t want to end up in the wrong hands, from contact information to content drafts. Unfortunately, it’s easy to forget how tempting your online files are to cybercriminals.
When signing up for new apps and services online, many tools ask for access to your Google Account information. While all Google Accounts come with built-in protections, attackers can still impersonate legitimate third parties and potentially access your information.
The Google Advanced Protect program ensures only Google apps and verified vendors can request access to your information. It also ensures you always have the option to revoke permission from other apps to access your files.
Do You Need the Google Advanced Protection Program?
I honestly think Google’s Advanced Protection Program is worthwhile for every business user in today’s hybrid world. However, Google specifically recommends considering it if you’re going to be working with a lot of sensitive data.
For instance, if you’re a journalist (like me), a business leader, or you share a lot of private information online, it’s worth enrolling.
The only (possible) downside is that enrolling in the program does place a few restrictions on your account. For instance, you’ll need a security key to sign into Google apps on any device, which can be a headache at times. Plus, you can’t use third-party apps to read your email without a code.
The Advanced Protection Program also bans you from using certain apps and services that require access to sensitive data. This could be a bit problematic, depending on the apps you use for work already. Still, you can create temporary codes that allow certain verified apps to access your data.
One final caveat is that if you ever lose access to your account, potentially because you’ve forgotten your ultra-secure password, recovering that account takes additional time and steps.
How to Enroll: The Step-by-Step Guide
If you’re willing to jump through a few more security hoops for extra protection, getting started with Google’s program is pretty simple. As I mentioned, this program is completely free and available to all users with personal and Google Workspace accounts.
There are a few things you’ll need to do before you can sign up, however.
Step 1: Security Keys and Passkeys
First, you’ll need a security key, and Google recommends purchasing two.
You can purchase security keys directly from Google, such as the Google Titan Security Key, when you enroll. Some companies and users are actually eligible to receive free Titan Security Keys from Google, so it’s worth double-checking here.
Once you have your security key, you’ll need at least one passkey and potentially another recovery option, such as a recovery phone number or email address.
Passkeys are pretty easy to set up with Google. They’re the tools that allow you to log into your Google account without a password, using biometrics like your fingerprint or face scan. You can also create passkeys on FIDO 2-compliant physical security keys (they look like thumb drives).
In 2024, Google announced some upgrades to its passkey strategy, announcing that passkeys had been used to authenticate people more than 1 billion times since they were introduced in 2022. Additionally, the company also upgraded its cross-account protection solution at the same time.
Today, you can create specific passkeys for high-risk users with Google and choose where to store those keys. For instance, Google integrates with password management vendors like Dashlane and 1Password. Here’s a complete guide to creating a Google passkey.
Step 2: Setting Up Recovery Methods
Once you’ve set up your passkeys and purchased a security key, the next step is to ensure you have ways of recovering your account if you lose anything.
All you need to do is make sure any account you want to enroll in the Google Advanced Protection Program has a phone number and email address attached to it, for two-step verification.
To add your contact details, simply log into your Google Account and visit your security settings page to enter a recovery email and phone number. If you have an iPhone, Google also recommends installing the Google Smart Lock app.
Once you’ve entered your details, turn on 2-step verification for your Google Account.
Step 3: Enrolling in the Google Advanced Protection Program
Now you’ve got your account recovery details in place, and your keys, head to Google’s “Advanced Protection Program” webpage, and read through the FAQs (trust me, they’ll come in handy).
At the bottom of the page, you’ll see a “Get Started” button. Click that, and you’ll be asked to log into your Google account. Once you’re logged in, Google will ask you to either purchase security keys or register the ones you already have.
If you’ve already bought your keys (remember you need two, one for backup), click on “Register Security Keys”. Google will walk you through the process of getting them set up.
After you complete these steps, Google will sign you out of your accounts on all devices, and you’ll need to sign back in using your password, and security key.
If you decide you want to unenroll from the service at any time, just log into your Google account, click on the Security tab and scroll to the Google Advanced Protection Program section, then click Unenroll.
What Happens After you Enroll?
Google says once you’re enrolled in the Google Advanced Protection Program, most of your day-to-day online experiences will feel exactly the same. The biggest difference is that you’ll need your passkey or security key to sign into your account.
You might also receive more alerts or warnings when you’re browsing the web, clicking on links, or attempting to download files. Although all of Google’s tools already implement strong protections for users, the Advanced Protection Program runs a lot more checks.
Is the Google Advanced Protection Program Worth It?
Ultimately, I can’t see a lot of downsides to enrolling in the Google Advanced Protection Program. Unless you know for a fact it’s going to stop you from using the apps and tools you need for work, then this extra layer of protection will definitely come in handy.
Plus, since it’s free to access (aside from the price of a security key), you can always experiment with the experience and turn it off if it doesn’t suit your needs.
Alternatively, if you think the Advanced Protection Program won’t be suitable for your needs, you can always check out Google’s other tips for online security.
Google Advanced Protection Program FAQ
Who should enroll in the Google Advanced Protection program?
Google recommends enrolling in this program if you share or use a lot of sensitive information online. Specifically, they say journalists, business executives, and activists, as well as people in the political landscape, should consider enrolling. Remember, you can enroll more than one account.
Can admins enroll everyone?
Yes, Google actually recommends that any organization whose team members deal with sensitive data should enroll all accounts in the program. Notably, if you already have a Google Workspace account you use for work, you can also enroll it individually, if your admin has enabled Advanced Protection.
How much does Advanced Protection Cost?
The Google Advanced Protection Program is free to everyone. However, you will need to create at least one passkey, and purchase a security key for your account. Google recommends having two security keys for backup purposes.
Is Advanced Protection different to 2FA?
Both 2-step verification and Advanced Protection require you to complete an extra verification step when signing into your account. With 2-step verification, this could mean using a prompt sent to your phone, or verification code. With Advanced Protection, the second step always involves using a security key, as Google says this is the most secure option.
What if I lose my security key?
You’ll always need your passkey or security key to sign into your Google Account after enabling Advanced Protection. If you lose your security key, but you’re still signed into an account, you can replace a key from your dashboard. Otherwise, you’ll need to reach out to Google.
from UC Today https://ift.tt/kr7LxUS
0 Comments