Google Workspace is everything you need to get anything done, now in one place. Whether you're returning to the office, working from home, on the frontlines with your mobile device, or connecting with customers, Google Workspace is the best way to create, communicate, and collaborate. As hybrid work has become the norm, security, data privacy, and trust continue to be the foundation that make anywhere, anytime collaboration possible. Central to Google's security strategy are authentication, integrity, and encryption. As a next step in trusted collaboration Google launched new solutions in Google Workspace such as Client-side encryption, trust rules for Drive and Drive labels.
Client-side encryption for stronger privacy and data security
All data that we outsource to the cloud, both in our digital private lives and in our working environment, is a highly insecure matter. This is why end-to-end encryption or client-side encryption are so important for data protection.
Encryption is simply the process of encoding data so that only those with authorized access can read it. Client-side encryption is especially beneficial for organizations that store sensitive or regulated data, like intellectual property, healthcare records, or financial data. Using Client-side encryption choose a key access service partner from Flowcrypt, Futurex, Thales, or Virtru. Each of these partners have built tools in accordance with Google’s specifications and provide both key management and access control capabilities. Your chosen service partner holds the key to decode encrypted Google Workspace files, and Google cannot access or decipher these files without this key. With Client-side encryption, customer data is indecipherable to Google, while you can continue to take advantage of Google’s native web-based collaboration, access content on mobile devices, and share encrypted files externally.
Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between its facilities. With Client-side encryption you have direct control of encryption keys and the identity provider used to access those keys to further strengthen the security of your data. Client-side encryption will initially be available for Google Drive, Docs, Sheets, and Slides, with support for multiple file types including Office files, PDFs, and more. The beta of Client-side encryption is available for Google Workspace Enterprise Plus and Google Workspace Education Plus customers.
Trust rules for Drive for more control over secure collaboration
Because sharing ideas and information is at the heart of trusted collaboration, it’s critical that you have the ability to powerfully and precisely manage your files. Trust rules is a new security feature which allows admins to set fine-grained rules defining whom their users can collaborate with in Drive, both within and outside of their organization. Trust rules will replace the existing “Sharing options” in the Google Drive admin controls. Specific rules can even be set for organizational units and groups, allowing a more granular approach than enforcing blanket policies on every user.
The beta for trust rules for Drive will be rolling out in the coming months and will be available for Google Workspace Enterprise and Google Workspace Education Plus customers.
Drive labels for enhanced data loss prevention and classification
Labels are metadata you define to help users organize, find, and apply policy to items in Drive, Docs, Sheets, and Slides. With Drive labels, users can classify files stored in Google Drive to help ensure they’re handled correctly. Drive labels are useful for many common workplace scenarios for organizing files, including record management, classification, structured finding, workflow, reporting, auditing, and more.
Drive labels integrates with Google Workspace’s data loss prevention (DLP) capabilities so admins can set rules at the appropriate sensitivity level. If users forget to classify content on their own, files can be classified automatically based on administrator defined DLP rules. Both manual and automated labels can be used with DLP to prevent external sharing, downloading, and printing of some files. Google is also adding 60 new content detectors, including resumes, SEC filings, patents, and source code.
Drive labels is now available in beta for Google Workspace Business Standard, Google Workspace Business Plus, Google Workspace Enterprise, Google Workspace for Education Standard, and Google Workspace Education Plus customers.
New phishing and malware content protection for Google Drive
The built-in protections in Google Drive that help block phishing and malware content from external users and organizations are available for all Google Workspace customers. Google also enable all Google Workspace admins to implement this protection for content within their organizations, helping to safeguard against insider threats and user error. If abusive content is found, the relevant file is flagged and made visible only to admins and the file’s owner. This prevents sharing and reduces the number of users potentially impacted by the abusive content.
If you are interested in Google’s new collaboration solutions I Google Workspace read the article “Google Workspace delivers new levels of trusted collaboration for a hybrid work world” here.
Identiteta, končne naprave, aplikacije, omrežja, infrastruktura in podatki so pomembne povezave v celovitipovezavi varnostnega modela ničelnega zaupanja. Microsoft podpira model varnosti ničelnega zaupanja prek več obrambnih plasti. Preberite več o šestih plasteh modela ničelnega zaupanja in o tem, kako jih zaščititi.
Model ničelnega zaupanja temelji na preverjanju zaupanju. Model ničelnega zaupanja vzpostavlja strogo preverjanje identitete uporabnika in skladnosti naprave pred odobritvijo dostopa, ter zagotavlja dostop izključno pooblaščenim virom z minimalnimi pravicami.. V tem članku smo povzeli temeljne elemente modela ničelnega zaupanja.
The increasing prevalence of cloud-based services, mobile computing, internet of things
(IoT), and bring your own device (BYOD) in the workforce have changed the technology
landscape for the modern enterprise. Today, organizations need a new security model that more effectively adapts to the complexity of the modern environment, embraces the mobile workforce, and protects people, devices, applications, and data wherever they are located. The Zero Trust security model says “never trust, always verify.”
Vsi želimo vedeti, kje vse so shranjeni naši podatki, tudi zato, da nadzorujemo, kdo jih lahko vidi ali ne. Oznake občutljivosti, ki jih zagotavlja rešitev Microsoft Information Protection, omogočajo organizacijam, da razvrščajo in varujejo svoje podatke s pomočjo oznak, ki jih digitalno dodajajo datotekam in elektronskim sporočilom.