UPDATED 21:17 EDT / JULY 18 2017

APPS

Google rolls out new security alerts for G Suite and App Scripts

Google Inc. today rolled out a new security alert feature across its G Suite and App Scripts services following a widespread phishing attack that targeted users in May.

The new alert feature aims to prevent a user accidentally click on a phishing link. It includes an added security alert delivered via a pop-up interstitial to warn users that a web app or app script they are about to use is unverified. Legitimate apps can connect into G Suites services through the platform’s application program interface, but that API door also means that apps with nefarious intent can also attempt to connect.

“These new notices will inform users automatically if they may be at risk,” Google said in a blog post, “enabling them to make informed decisions to keep their information safe, and will make it easier to test and develop apps for developers.”

The new “unverified app” screen is presented to a user seeking permission to grant a web app access to G Suite in a way that would seem familiar to Google Chrome users in that it includes an exclamation mark inside a red triangle – Chrome’s version of a warning symbol. As is the case when Google warns users attempting to connect to a suspicious website, users who see this new warning can proceed and grant the app permission, meaning that Google has at least attempted to warn them of the risk versus preventing the risky connection altogether.

In addition to protecting users, Google is also pitching the new service as beneficial for app developers. “This new notice will also help developers test their apps more easily,” Google added. “Since users can choose to acknowledge the ‘unverified app’ alert, developers can now test their applications without having to go through the OAuth client verification process first.”

This new feature isn’t Google’s first response to the phishing attacks in May. Earlier this month, the company announced “OAuth apps whitelisting,” a feature that allows G Suite administrators to control and restrict how third-party applications use employees’ data.

Image: Google

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.