Security tools are only effective at stopping threats if they are deployed and managed at scale, but getting everyone in your organization to adopt these tools ultimately hinges on how easy they are to use. It’s for this reason that G Suite has always aimed to give IT admins simpler ways to manage access, control devices, ensure compliance and keep data secure.

Today we announced more than 20 updates to deepen and expand Google Cloud customers’ control over their security. Many of these features will be turned on by default for G Suite so that you can be sure the right protections are in place for your organization. And, even better, in most cases your users won’t have to do a thing. Here’s the break down.

1. Helping to protect your users and organization with new advanced anti-phishing capabilities

We're applying machine learning (ML) to billions of threat indicators and evolving our models to quickly identify what could be a phishing attack in the making. Information from these self-learning ML models helps us flag suspicious content. At the same time, updated phishing security controls can be configured to automatically switch on the latest Google-recommended defenses.

These new default-on protections can:

Automatically flag emails from untrusted senders that have encrypted attachments or embedded scripts.



Warn against email that tries to spoof employee names or that comes from a domain that looks similar to your own domain.



Offer enhanced protections against spear phishing attacks by flagging unauthenticated email.



Scan images for phishing indicators and expand shortened URLs to uncover malicious links.



With the protections we have in place, more than 99.9% of Business Email Compromise (BEC) scenarios—or when someone impersonates an executive to get sensitive information—are either automatically moved to the spam folder or flagged with anomaly warnings to users.