Google Workspace is hitting back against the most prolific methods of account takeover with these super simple changes


  • Google is making changes to its Workspace account security
  • Passkey support has been rolled out to reduce phishing effectiveness
  • DBSC and SSF will mitigate cookie token theft and improve security tool communication

Google Workspace is upping its defenses against account takeover following a year-on-year rise in successful attacks.

The company says 37% of account takeovers use phishing or credential theft as an attack vector, and there was an 84% increase in email-delivered infostealers in 2024 over the previous year, with the most common method being cookie and authentication token theft.

To mitigate this, Google is making three changes to its Workspace productivity suite to reduce the risk of account takeover and better protect organizations from attacks.

Seamless account security

Firstly, Google has rolled out passkey support to over 11 million Google Workspace accounts, making them more phishing-resistant than ever and making it easier for customers to log in.

Google has also expanded admin access to passkey tools, allowing admins to audit passkey enrollment and restrict passkeys to certain formats, such as physical security keys.

Secondly, Google Workspace now offers Device Bound Session Credentials (DBSC) in open beta. DBSC is a hardware-backed security mechanism that uses a cryptographic key paired to the user’s device.

Each time session cookies are refreshed, Google Chrome verifies that the user is still in control of the account by verifying the private key kept in secure storage on the user's device. This significantly mitigates the potential for stolen cookies to be used to hijack sessions and take over accounts, which is fast becoming one of the most successful methods of account takeover.
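To make the idea concrete, here is a simplified model of a device-bound cookie refresh, added as an illustration and not taken from Google or from the DBSC specification. The function names, the in-memory session store and the `sessionId.challenge` message shape are assumptions; the real DBSC wire format is not shown.

```javascript
// Simplified model of a device-bound session refresh (illustrative only).
const crypto = require("node:crypto");

// Server-side store: session id -> registered public key, pending challenge, cookie.
const sessions = new Map();
const newCookie = () => crypto.randomBytes(16).toString("hex");

// Registration: the device creates a key pair; only the public key is sent to the server.
function registerSession(sessionId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  const cookie = newCookie();
  sessions.set(sessionId, { publicKey, challenge: null, cookie });
  return { privateKey, cookie }; // privateKey stands in for hardware-backed secure storage
}

// Before each refresh the server issues a fresh, single-use challenge.
function issueChallenge(sessionId) {
  const s = sessions.get(sessionId);
  s.challenge = crypto.randomBytes(32).toString("base64url");
  return s.challenge;
}

// The device signs the challenge, bound to the session id, with its private key.
function signChallenge(privateKey, sessionId, challenge) {
  return crypto.sign("sha256", Buffer.from(`${sessionId}.${challenge}`), privateKey);
}

// The server rotates the cookie only if the signature matches the registered public key.
function refreshCookie(sessionId, presentedCookie, signature) {
  const s = sessions.get(sessionId);
  if (!s || !s.challenge || presentedCookie !== s.cookie) return null;
  const data = Buffer.from(`${sessionId}.${s.challenge}`);
  s.challenge = null; // consume the challenge so a replayed signature fails
  if (!crypto.verify("sha256", data, s.publicKey, signature)) return null;
  s.cookie = newCookie();
  return s.cookie;
}

// Constructed scenario: a copied cookie without the device key, then the real device.
function demo() {
  const sid = "session-1"; // constructed sample value
  const device = registerSession(sid);
  const other = crypto.generateKeyPairSync("ec", { namedCurve: "P-256" }); // not the device key
  const c1 = issueChallenge(sid);
  const stolen = refreshCookie(sid, device.cookie, signChallenge(other.privateKey, sid, c1));
  const c2 = issueChallenge(sid);
  const sig = signChallenge(device.privateKey, sid, c2);
  const legit = refreshCookie(sid, device.cookie, sig);
  const replay = refreshCookie(sid, legit, sig); // no pending challenge
  return { stolen, legit, replay };
}
```

In this model a copied cookie is useless at the next refresh because the refresh also requires a signature from a key that never leaves the device, and each challenge is accepted only once.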

Finally, Google will soon be introducing a Shared Signals Framework (SSF) receiver in closed beta. This will allow platforms to communicate in near real-time about new security signals, such as increased risk for a particular account. SSF will also allow organizations to share key user information, such as device types, between security solutions.

Overall, Google’s steps to increase Workspace account security will help create a seamless login experience for users while also adding an extra layer of security against phishing, as well as cookie and authentication token theft.

Moreover, the additional controls for admins and the soon-to-come inclusion of SSF will make it easier for security teams to evaluate and improve the overall security posture of their organization.

Benedict Collins
Senior Writer, Security
