Google recently announced its Advanced Protection Program (APP) for Gmail consumer (free) accounts. According to Google, the program is aimed at a “minority of our users that are at particularly high risk of targeted online attacks. For example, these might be campaign staffers preparing for an upcoming election, journalists who need to protect the confidentiality of their sources, or people in abusive relationships seeking safety.”
For many Gmail consumer account users, enabling Google’s 2-Step Verification is likely sufficient for securing their account. However, users desiring the most advanced security may want to investigate APP. As Google notes, APP is “designed for those who are at an elevated risk of attack and are willing to trade off a bit of convenience for more protection of their personal Google accounts.”
Google offers the APP program at no charge, but users will need to purchase a Security Key directly from a participating FIDO Universal 2nd Factor (U2F) vendor. Security Keys are “small USB or wireless devices [which] have long been considered the most secure version of 2-Step Verification, and the best protection against phishing. They use public-key cryptography and digital signatures to prove to Google that it’s really you. An attacker who doesn’t have your Security Key is automatically blocked, even if they have your password.”
For now, APP is only available for Gmail consumer (free) accounts. For comparable security protections on G Suite Accounts, admins may want to consider Security Key Enforcement and OAuth apps whitelisting. If you’d like to further discuss security options for your G Suite or Gmail account, please contact us.