Google Boosts Cybersecurity with Security Key Requirement

Google Boosts Cybersecurity with Security Key Requirement

Google employees have successfully dodged phishing attempts for over a year thanks security keys and two-factor authentication.

One of the biggest ways companies are infiltrated by hackers is through phishing. Attackers craft an email that looks just like something you'd normally click on, like a bill or an email telling you to change your password but instead the user is giving their information away - making their account vulnerable.

Google seems to have solved this phishing problem with a $20 security key it requires all its employees to use.

None of Google's 85,000 employees have successfully been phished on their work accounts since it started requiring the extra security to log in, the company said.

"We have had no reported or confirmed account takeovers since implementing security keys at Google," the company told Business Insider.

Google took the security of their employee's accounts to the extreme. Usually when employees sign on using two-factor authentication, you put in your username and password and then enter a code that comes through a text or app. Google requires that employees insert a security key instead of the code, bolstering the security of the accounts.

In October, Google launched an advanced protection program involving security keys for people at the highest risk of being phished, including journalists, business leaders and activists. Google has worked with several industry groups, such as the FIDO Alliance, to develop security-key technology called U2F.

A 2016 Google study found that text-message or app-based two-factor authentication, sometimes called "one-time password," had an average failure rate of 3%, while the U2F or security-key approach had a 0% failure rate.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.