Google has made security a priority with Gmail early this year. Last month, the company announced changes to keep users safe including a broken lock icon display on messages when a user receives a message from or is about to send one to a person whose email service doesn’t support TLS encryption.
Also part of the February update was a question mark displayed on a sender’s profile/avatar if the user gets a message that can’t be authenticated.
Earlier this month, Google introduced improve data loss prevention features for enterprise customers using Gmail. This included optical character recognition for better scanning of attachments and the addition of new predefined content detectors.
Google also launched two new detection parameters to give its largest Work customers better control over DLP policies, minimize false positives, and “take action commensurate with the level of perceived risk.” There is a count parameter and a confidence parameter. The former lets customers set up different DLP policies based on whether a message contains individual or bulk PII. The latter lets customers tighten or loosen detection criteria for the most commonly used detectors.
On Thursday, Google announced partnerships with Comcast, Microsoft, and Yahoo to submit a draft IETF specification for “SMTP Strict Transport Security.” As the company describes, this is a new proposed standard that enables companies to ensure mail is only delivered through encrypted channels, and furthermore that encryption failures are reported for analysis.
Google is also extending its “Safe Browsing” feature, which is already enabled in several of its products, to give Gmail users warnings if they click links Google has identified as potentially dangerous. This is being applied when Gmail is used in different web browsers and email apps.
Finally, Google is launching a new full-page warning about state-sponsored attacks and how to stay safe from them.
Google notes that a very small percentage of users will ever see these (mainly activists, journalists, policy-makers, etc.), but those who do may see them instead of the existing warnings or in addition to them.
Images via Google