Google introduces 11 new security features for Workspace, including some powered by AI.

Google introduces 11 new security features for Workspace, including some powered by AI.

Google Workspace Introduces 11 New Secure Features and Capabilities

Google Workspace

Google’s commitment to providing a secure and reliable productivity suite is reinforced by the introduction of 11 new features and capabilities for its Workspace service. These additions come in response to a 38% rise in cybersecurity attacks in 2023 and the significant financial repercussions of data breaches, with an average cost of $4.3 million per incident.

It is important to note that while some of these new features are designed for Google Workspace’s largest customers, it remains unclear whether they will be available to small and medium-sized businesses as well.

Let’s delve into the details of these new capabilities and explore how they can further enhance the security of Google Workspace:

Zero-trust and DLP

The concept of zero trust acknowledges that security extends beyond the initial login. Instead of blindly trusting users, the principle is to constantly verify their identity. Google has introduced new zero-trust controls and data loss prevention (DLP) capabilities within Workspace to ensure comprehensive security measures.

  • AI-powered classification and labeling for Google Drive: Similar to Gmail, administrators can now apply labels to documents in Google Drive automatically. This feature allows for further control within Workspace and is currently available for preview.
  • Context-aware DLP controls in Drive: Admins can now set different levels of security based on a variety of contextual factors such as device location, type, security status, and user role. This capability, scheduled for preview later this year, ensures that sensitive data remains protected.
  • Extended DLP controls in Gmail: Although Google has not provided specific details about these controls, they are intended to prevent the sharing of sensitive information. This feature, available for preview later this year, aims to enhance the security of Gmail users.

New digital sovereignty controls

Digital sovereignty refers to the geographical location of data governance, including where data is stored and the jurisdiction under which it falls. Considering data security laws and regulations, Google is introducing four capabilities to ensure that Workspace users have greater control over their data:

  • Client-side encryption enhancements: Google is enhancing client-side encryption (CSE) by enabling support for mobile apps like Calendar, Gmail, and Meet. Users can set CSE defaults based on organizational units, providing an additional layer of security. Some enhancements are already available, with others rolling out over time.
  • Specify the location of encryption keys: In collaboration with Thales, Stormshield, and FlowCrypt, Workspace customers can now choose the country where their encryption and decryption keys are stored.
  • Choose where your data is processed: Apart from choosing where data is stored, Google is allowing users to select the region where their data is processed. This capability, expected to be previewed later this year, provides users with even greater control over their data.
  • Choose which region supplies Google support techs: Google will soon introduce a feature that allows users to limit customer support access to technicians based in specific regions.

Cyberthreat prevention

To proactively address cybersecurity threats, Google is introducing several features designed to anticipate and prevent malicious activities:

  • Mandatory 2-step verification: To reduce the risk of compromised accounts, Google will require select administrator accounts of resellers and large enterprise customers to enable two-step verification.
  • Multi-party approval for sensitive administrative actions: Google recognizes the potential risks associated with unchecked administrative powers. To mitigate this, a second administrator will be required to approve certain sensitive actions, providing an additional layer of protection against compromised accounts.
  • Protecting sensitive actions in Gmail: Google is currently exploring AI-powered defenses to block sensitive actions in Gmail. While specific details are still scarce, this feature is expected to enhance the overall security of user accounts.
  • Exporting logs to Chronicle in a few clicks: Google is making it easier for Workspace users to send their logs to Chronicle, the company’s security operations suite. This feature is currently available for preview.

Google’s security statistics

Google has provided some statistics to highlight the benefits of its services:

  • Zero known exploited vulnerabilities compared to over 40 in a legacy productivity suite.
  • 41% fewer security incidents on average compared to other email solutions.
  • Potential savings of up to 50% on cybersecurity insurance premiums.

While these statistics demonstrate Google’s commitment to security, it is important to note that the 50% savings figure is relative to the worst-ranked alternative solutions. Other comparable solutions may offer a similar level of insurance cost estimates.

In conclusion, Google Workspace is continually improving its suite of productivity tools to ensure the highest level of security for its users. With the introduction of these new features and capabilities, Google is empowering businesses to protect their data and mitigate cybersecurity risks. While some features are already available for preview, others will be rolled out later this year. Stay tuned for the enhanced security measures that Google Workspace will bring to your organization.


You can follow my day-to-day project updates on social media. Be sure to subscribe to my weekly update newsletter on Substack, and follow me on Twitter at [@DavidGewirtz](https://twitter.com/DavidGewirtz), on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, and on YouTube at YouTube.com/DavidGewirtzTV.