IT

Google Apps Does Two-Step Security Dance

Google Apps has announced added security and authentication to the online application suite’s fee-based Premier edition as well as its Education and Government versions.

The two-step enhanced verification system will be added to all versions of Google Apps in coming months.

The goal is to help overcome resistance to the use of in-the-cloud utilities by adding an additional layer of security. The two-step process will fend off risks such as phishing and password reuse, according to Google.

In addition to the enhanced security, Google Apps also announced on Monday new mobile editing capabilities for Google Docs. Coworkers will be able to jointly edit files simultaneously using the Android platform and the Apple iPad. In the coming weeks, this collaboration feature will be added to a wider array of devices.

Phoning It In

The authentication process does not “require any special tokens or devices,” Eran Feigenbaum, director of security for Google Apps, noted in an official Google blog post. All the user needs is a mobile phone. After entering a password, a verification code is sent to the user’s mobile phone via SMS, a voice call or generated on an application that can be installed on an Android, BlackBerry or iPhone device.

This makes it much more likely that you’re the only one accessing your data, according to Google. “Even if someone has stolen your password, they’ll need more than that to access your account,” noted Fiegenbaum. Google also lets you turn off the two-step process for a computer you know is safe.

Security Is Attractive

The added measure of security could improve Google Apps’ ability to enter the enterprise, education and government markets. “This is going to make Google Apps a more attractive option for companies that might have considered it but had concerns about security and authentication,” Charles King, principal at Pund-IT, told TechNewsWorld. “Government agencies and companies have been leery about cloud-based solutions because of concerns about how their data is being protected in the cloud and how people on the inside and outside of the organization may have access to it.”

The relative simplicity of the two-step process could prove to be an advantage for Google. For many companies, two-factor authentication involves a specialized secondary device such as an electronic key. “By text messaging the authentication code to a smartphone, Google shows recognition that most people who do business have a cellphone,” said King. Incorporating a device users already have on them rather than requiring them to pocket yet another gadget will reduce the clutter users have to carry around, he said.

“The Google folks are always saying they’re looking for customer input — this is a pretty good example,” Laura DiDio, principal analyst at ITIC, told TechNewsWorld. “These days it’s all about security. Everybody wants enhanced security.”

The enhanced security is one more indication that Google understands what it needs to do to gain the confidence of the enterprise market, DiDio said. “Google is really catching on. Now they’re going for document management,” said DiDio. “If you’re going to move into the big leagues, you have to take these steps. Google Apps is not just a Gmail account.”

Is Google Encroaching on Microsoft?

Asked whether the move toward greater security allows Google to bite into Microsoft’s market, DiDio said, “Everybody’s biting into everybody now. All of these vendors are in a collision course.” The added security layer, she noted, helps in Google’s attempt to enter the applications territory. “If they’re going to go up the applications stack, they need security.”

Google’s move is a strong stab at producing revenue, she said. “We’re seeing the beginning of Google monetizing in a big way,” said DiDio. “There’s no way to ignore it.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Rob Spiegel
More in IT

Technewsworld Channels