\nFebruary 1, 2017 , 3:08 pm<\/span>\n<\/p>\n<\/article>\n \nFebruary 1, 2017 , 2:50 pm<\/span>\n<\/p>\n<\/article>\n \nFebruary 1, 2017 , 9:40 am<\/span>\n<\/p>\n<\/article>\n<\/div>\n Security Keys are physical USB tokens that can be configured to cryptographically verify a user at login.<\/p>\n Google also announced the availability of a hosted S\/MIME service<\/a> extending encryption capabilities on Gmail beyond TLS.<\/p>\n \u201cTLS only guarantees to the sender\u2019s service that the first hop transmission is encrypted and to the recipient that the last hop was encrypted. But in practice, emails often take many hops (through forwarders, mailing lists, relays, appliances, etc),\u201d Google said. \u201cWith hosted S\/MIME, the message itself is encrypted. This facilitates secure transit all the way down to the recipient\u2019s mailbox.\u201d<\/p>\n Google said the availability of S\/MIME adds account-level signature authentication, which is unlike DKIM, which provides only domain-based authentication.<\/p>\n \u201cThis means that email receivers can ensure that incoming email is actually from the sending account, not just a matching domain, and that the message has not been tampered with after it was sent,\u201d Google said.<\/p>\n On both fronts, Google is providing users additional identity verification and authentication. With Security Keys, which Google has supported since 2014, Google\u00a0is positioning this support as enhanced protection against phishing.<\/p>\n \u201cInstead of entering a unique code as a second factor at sign-in, Security Keys send us cryptographic proof that users are on a legitimate Google site and that they have their Security Keys with them,\u201d said Christiaan Brand and Guemmy Kim of the Google Account Security team. \u201cSince most hijackers are remote, their efforts are thwarted because they cannot get physical possession of the Security Key.\u201d<\/p>\n Google also announced that this protection can extend to mobile devices (Android and iOS) since the Security Keys also support Bluetooth Low Energy and pair with devices over the BLE protocol.<\/p>\n \u201cBLE Security Keys, which work on both Android and iOS, improve upon the usability of other form factors,\u201d Brand and Kim said.<\/p>\n Yesterday\u2019s announcement was a complement to a larger rollout on Monday of enterprise controls to G Suite<\/a>, Google said.<\/p>\n In addition to Security Key enforcement, G Suite also supports data loss prevention technology in Google Drive. Admins can use it to add security controls to sensitive data and manage content as it\u2019s stored and how it\u2019s shared. It can also be configured to protect scanned documents via OCR and enforce data protection and sharing policies on that front.<\/p>\n