- Google makes changes to the security of the workspace account
- The support of the passing key has been deployed to reduce the efficiency of phishing
- DBSC and SSF will alleviate the theft of cookie tokens and will improve the communication of the safety tool
Google Workspace increases its defenses against the repurchase of the account after a year on the other in successful attacks.
The Company says that 37% of account control sockets use a phishing or identification theft as a vector of attack, and there was an 84% increase in infostelliers delivered by e-mail in 2024 in the previous year, the most common method being the flight of cookie and authentication token.
To mitigate this, Google brings three modifications following the productivity of the workspace to reduce the risk of account buyback and better protect organizations against attacks.
Transparent account security
First, Google deployed Passkey support to more than 11 million Google Workspace accounts, making them more phishing than ever and facilitated customer connection.
Google has also expanded administrative access to Passkey tools allowing them to audit registrations to the key key and restrict Pass keys to certain formats such as physical safety keys.
Second, Google Workspace now offers session identification information related to the device (DBSC) in open beta. DBSCs are a safety mechanism supported by the equipment that uses a cryptographic key paid to the user’s device.
Whenever the session cookies are updated, Google Chrome certainly checks the user in account control by checking the private key preserved in secure storage on the user’s device. This considerably reduces the potential of stolen cookies to use to divert the sessions and buyout accounts, which quickly becomes one of the most successful methods of taking control of the accounts.
Finally, Google will soon introduce an SSF (Signals Framework Signals (SSF) receiver (SSF) in closed beta. This will allow platforms to communicate in almost real time on new security signals, such as an increased risk for a particular account. In addition, SSF will also allow organizations to share key user information such as the types of peripherals between safety solutions.
Overall, Google’s steps to increase the safety of the Workspace account will help create a transparent connection experience for users while adding an additional safety layer against phishing, as well as cookie and authentication token.
In addition, additional controls for administrators and the inclusion that are soon to be SSF will allow security teams to more easily assess and improve the overall security posture of their organization.
