News > Google

Google’s Digital News Initiative Fund

Category: Google | Sep 12, 2017

Editor’s note: In April 2015, Google announced the Digital News Initiative, a partnership with European news organizations to support high-quality journalism through technology and innovation. In this guest post, Bart Brouwers, a Dutch journalism professor at the University of Groningen and a council member of the Digital News Initiative’s Fund, looks back at what the Digital News Initiative’s fund has accomplished so far.

If the distribution of money from Google’s DNI Innovation Fund is any indicator of the state of innovation in Europe, then Britain and Germany are doing great.

With more than 90 funded projects between them in the first three rounds of funding, the two countries stand head and shoulders above the others. Germany’s projects have been allocated more than 13 million euros, with around 7 million in Britain. Spain (with 25 projects) is just behind them: 6.6 million euros. My home country the Netherlands is in the middle with 18 projects and allocated funding of 2.5million euros.

So far, 73.5m of the available 150m euro have been distributed. The newest winners were announced on July 6th and we’ll begin accepting applications for Round 4 on September 13th.

As a member of the DNI Innovation Fund Council, I often get questions about how the process works, how projects are evaluated and what role the Fund plays in furthering innovation in publishing. I’ll do my best to explain it here.

The DNI Council consists of three Google representatives and ten publishers, scientists and journalists from across Europe. The Chairman is Portugal’s Joao Palmeiro. For the ten of us who are non-Googlers it’s voluntary work; For us,: it’s an opportunity to see behind the scenes of European media innovation. Because of the overwhelming interest (some 3,082 initiatives were submitted for the first three rounds!), the Council focuses mainly on the category of large projects—that is, applications for more than 300,000 euros.

When we met in the Dutch innovation capital of Eindhoven this June to judge the applicants of the third round, the debate occasionally became heated; justifying the acceptance or rejection of a proposal isn’t something any of us takes lightly. The debate over each application, as well as the distribution of funding across countries takes time because, just as the level of innovation differs from country to country, so does the number of applications, the nature of the projects and more.

Because  it’s difficult to weigh a blockchain application against a video project or a new distribution model for content we consider six aspects when evaluating projects: the potential impact on the European ecosystem, transformation for the organization, innovation, the use of technology, feasibility and income possibilities. In particular, in evaluating the aspect of transformation, organizations which may be lagging behind in digitization terms are given a bit of an extra chance. This means that sometimes a project receives assistance because the applicant’s organization or country might be transformed by the project—even if a similar project is already running elsewhere.

This is an important point for potential applicants to know: that the presence of a similar initiative elsewhere is not a reason to deny funding.  Two initiatives working on a similar topic can sometimes have a better chance of succeeding than just one, and the circumstances between projects are always just a little bit different.

When reflecting upon the trends of which initiatives are receiving funding, I’d argue that it’s not a reflection of the Council’s taste, but of the breadth and variety of the applications. In the first two rounds, for example, as detailed in the DNI Innovation Fund Report, seven categories rose to the top: Intelligence, Workflow, Interface, Social, Business Model, Distribution and “Next Journalism.” This last group—far and away the largest— includes issues of verification (pretty much everything summed up in the battle against fake news, and restoring trust in journalism). Around 25 projects of this type received support in the first two rounds—and funding was decided before “fake news” became household language.

Of course through the Digital News Initiative, Google wants to display its friendliest face to the European media sector. That this image cannot be taken for granted recently became apparent again with the 2.4-billion fine imposed by the European Commission in its antitrust action for Google’s shopping comparison service, but the internet giant has also had other difficulties with Europe. Free news, a ‘captured’ advertising market – these are just a few of the accusations which the publishers and the European Commission lay at Google’s door.

The DNI Fund meets a need, both for the news industry as a whole and for the individual players in it. Given the massive volume of applications, there certainly appears to be no shame in taking Google’s money.

Recently many DNI-Fund supported project teams from all over Europe met in Amsterdam to demonstrate their progress. For many, the DNI support was essential to the steps they have taken so far—and that progress should be celebrated. But it should not gloss over the fact that true innovation entails plenty of failure. For Council members, this comes up quite often: how important is it to support initiatives whose feasibility might be doubtful, but which could certainly inject new movement into the sector even if they fail? For the time being the need for media innovation in Europe is still so great that the answer is a full-throated yes.

Would you also like to submit an application to the DNI fund? Submissions will open again from September, 13 until October, 12. More info here. You can download our first DNI Innovation Fund report 2016-2017 here to read more about our funded projects and key insights.  


Safe Browsing: Protecting more than 3 billion devices worldwide, automatically

Category: Google | Sep 11, 2017

In 2007, we launched Safe Browsing, one of Google’s earliest anti-malware efforts. To keep our users safe, we’d show them a warning before they visited a site that might’ve harmed their computers.


An early Safe Browsing notification

Computing has evolved a bit in the last decade, though. Smartphones created a more mobile internet, and now AI is increasingly changing how the world interacts with it. Safe Browsing also had to evolve to effectively protect users.

And it has: In May 2016, we announced that Safe Browsing was protecting more than 2 billion devices from badness on the internet. Today we’re announcing that Safe Browsing has crossed the threshold to 3 billion devices. We’re sharing a bit more about how we got here, and where we’re going.

What is Safe Browsing?

You may not know Safe Browsing by name, since most of the time we’re invisibly protecting you, without getting in the way. But you may have seen a warning like this at some point:

Safe browsing - transparent

This notification is one of the visible parts of Safe Browsing, a collection of Google technologies that hunt badness—typically websites that deceive users—on the internet. We identify sites that might try to phish you, or sites that install malware or other undesirable software. The systems that make up Safe Browsing work together to identify, analyze and continuously keep Safe Browsing’s knowledge of the harmful parts of the internet up to date.

This protective information that we generate—a curated list of places that are dangerous for people and their devices—is used across many of our products. It helps keep search results safe and keep ads free from badness; it’s integral to Google Play Protect and keeps you safe on Android; and it helps Gmail shield you from malicious messages.

And Safe Browsing doesn’t protect only Google’s products. For many years, Safari and Firefox have protected their users with Safe Browsing as well. If you use an up-to-date version of Chrome, Firefox or Safari, you’re protected by default. Safe Browsing is also used widely by web developers and app developers (including Snapchat), who integrate our protections by checking URLs before they’re presented to their users.

Protecting more people with fewer bits

In the days when web browsers were used only on personal computers, we didn’t worry much about the amount of data Safe Browsing sent over the internet to keep your browser current. Mobile devices changed all that: Slow connections, expensive mobile data plans, and scarce battery capacity became important new considerations.

So over the last few years, we’ve rethought how Safe Browsing delivers data. We built new technologies to make its data as compact as possible: We only send the information that’s most protective to a given device, and we make sure this data is compressed as tightly as possible. (All this work benefits desktop browsers, too!)

We initially introduced our new mobile-optimized method in late 2015 with Chrome on Android, made it more broadly available in mid-2016, when we also started actively encouraging Android developers to integrate it. With the release of iOS 10 in September 2016, Safari began using our new, efficient Safe Browsing update technology, giving iOS users a protection boost.

Safe Browsing in an AI-first world

The internet is at the start of another major shift. Safe Browsing has already been using machine learning for many years to detect much badness of many kinds. We’re continually evaluating and integrating cutting-edge new approaches to improve Safe Browsing.

Protecting all users across all their platforms makes the internet safer for everyone. Wherever the future of the internet takes us, Safe Browsing will be there, continuing to evolve, expand, and protect people wherever they are.


Driving the digital transformation of “sending” with Google technologies

Category: Google | Sep 11, 2017

Editor’s Note: Today we hear from Pitney Bowes, a global provider of innovative shipping solutions for businesses of all sizes. Learn how this established company used Android, Apigee, G Suite and Orbitera to create new cloud-based solutions, add flexibility and intelligence to sending devices and develop an app store that better serves their clients.

At Pitney Bowes, we’re always looking for new ways to transform the shipping and mailing industries. That’s been true from our first postage meter in 1920 to our digitally connected SendPro C-Series all-in-one office solution today. And with the help of Google, we’re delivering even more ways for our customers to reduce the complexity and cost of shipping, mailing, and global fulfillment.

 Google, through its Android, Apigee, G Suite and Orbitera teams and technologies, has been foundational to the digital transformation of Pitney Bowes and the new capabilities we can now deliver to customers. It’s been an incredible and exciting journey for us, with many learnings along the way.

Before we could help our clients transform their businesses, we first needed to digitally transform our own. We began by reviewing our assets, such as our multicarrier shipping capabilities, data quality, location intelligence and mapping software. How could we securely and efficiently make these solutions available on open platforms? Could we combine them with features from our technology partners to create new solutions? What would be the best approach to modernize our offerings with our existing physical and digital solutions, without disrupting the customer experience?

One of the ways we answered those questions was by creating the Pitney Bowes Commerce Cloud, based in part on Google’s Apigee API management platform. The Apigee platform and team helped us create new cloud-based solutions based on our assets and connect our new cloud solutions to our enterprise business systems such as billing.

Today, we have 160 public APIs delivered from the Commerce Cloud in the areas of location intelligence, shipping, global ecommerce and payments. Apigee became the gateway that shares these capabilities with developers and technology partners in a developer-friendly way, while also helping to protect our new open developer environment from cyber threats. In addition, Pitney Bowes uses Apigee to grant internal developers access to more than 400 internal APIs.

Our use of Android has modernized our physical sending devices and made them more flexible, user friendly and intelligent. The community of developers that can now create new applications and services for our sending devices has expanded from a handful to hundreds of Pitney Bowes developers—and millions of industry developers as well.

We, our clients, and our partners choose from millions of existing Android apps that we deliver to help our users be more productive. The speed with which we deliver new value to our clients has accelerated dramatically.

Furthermore, we’ll be leveraging Google Orbitera to provide an app store to our small businesses with access to innovative applications from Yext, Acquisio, G Suite and others. Providing our small business customers additional value from their relationship with Pitney Bowes will help them grow their businesses and operate more efficiently.    

We’re very excited by what the future holds. By collaborating with companies like Google, and leveraging modern cloud, APIs, IoT and mobile technologies, Pitney Bowes is transforming how we serve our clients and reinventing our business for our next century.


Take your startup on exchange to Campus Seoul

Category: Google | Sep 11, 2017

Editor’s note: Campus Exchange is a startup exchange program hosted by Google for Entrepreneurs. This fall, Campus Seoul looks forward to welcoming the first-ever Asia-Pacific cohort for Campus Exchange: APAC Commerce from November 6-10, 2017. Startups in e-commerce and retail from across Asia-Pacific are encouraged to apply here by September 24, 2017.

As one of the world’s top trading countries, Korea can certainly teach entrepreneurs around the region valuable lessons in e-commerce and retail. Here at Campus Seoul, we’ve crafted the perfect Campus Exchange program for startups to do just that.

If you’re an Asia-based e-commerce or retail startup, we invite you to join the  first-ever Campus Exchange: APAC Commerce in Seoul from November 6-10, 2017. The program will give founders and startup leaders the opportunity to grow their business through targeted mentoring, connections and exposure to leaders and successful businesses in the Korean retail industry. Eligible startups can apply here by 23:59 (Korea time) on September 24, 2017.

Campus Exchange: Commerce

This week-long immersion will bring together eight to 10 of the region’s best startups in the e-commerce and retail industry at Campus Seoul, Google’s space for startups in Korea. As a participant in Campus Exchange: APAC Commerce, you’ll have individually-tailored networking opportunities, workshops on performance marketing, meetings with major commerce players in Korea and 1:1 mentoring sessions with Google experts and venture capitalists.

Past participants in Campus Exchange have expanded their network, increased revenue, gained new clients and grown their business in new markets. Pedro Matsumura Kayatt, co-founder of VRMonkey—a virtual reality start-up based in Brazil—said his business grew tremendously after he had the chance to learn alongside other startup founders from around the world.

Our company has definitely become much more mature.

Pedro Matsumura Kayatt

Co-founder, VRMonkey

If you’re a founder who wants to join a global Campus community and grow your e-commerce or retail business with new insights from Korea, we encourage you to apply here. Come join our global Campus community — 화이팅! You can do it!  We hope to see you soon in Seoul!


Daydream Labs: Experiments with ARCore

Category: Google | Sep 11, 2017

ARCore brings augmented reality capabilities to millions of Android phones. It’s available as an SDK preview, and developers can start experimenting with it right now. We’ve already seen some really fun, useful and delightful experiences come through; check out for some of our favorites.

Daydream Labs has been in on the fun and experimentation, too. We’re exploring new interactions, including unique ways to learn about the world around you, different ways to navigate, and new ways to socialize and play with friends.

Here’s some of what we’ve made so far!

Using AR as a magic window into Street View

We built a prototype that lets you zoom into The British Museum and see Street View panoramas from the front of Great Russell Street.


Helping you see the future

With AR, we prototyped a way for architects to overlay models on top of construction in the real world to show how a finished home would look.


Skills training with ARCore

We brought our VR version of the Espresso Trainer into AR. You can use your phone to learn each step of making a perfect espresso. People who had never used the machine before made their first espresso from scratch, with perfect crema to boot!


Controlling virtual position through reality

We built a way to explore Street View without having to click arrows—just walk forward in physical space to adjust your virtual position.


Highlight AR content

We played around with the idea of putting floating AR content in front of the user, and controlling depth of field and desaturation of the camera feed based on user motion. This experiment allows digital assets to “pop,” directing people’s attention there and encouraging them to explore and interact.


Blocks model: RAWRRR!! By Damon Pidhajecky

Share your position with VPS

We’ve been experimenting with Google’s VPS beta (Visual Positioning Service), announced at Google I/O in May. VPS enables shared world-scale AR experiences well beyond tabletops. For example, this prototype lets you share your position with a friend, and they’ll be guided right to you with VPS. We’ve played quite a few games of hide-and-seek with it!


Want to dive in further?

We’ve been having a ton of fun building with ARCore, and we encourage you to grab the Unity, Unreal or Android SDKs to see what you can create. We’ve also been playing with our new prototype AR-enabled browsers for Android and iOS—look for those experiments in the future. Don’t forget to tag your creations on social media with #ARCore.


The High Five: Hurricane Irma, DACA and the Pope—search trends from this week

Category: Google | Sep 8, 2017

Each week, we take a look at the most-searched trends (with help and data from the team at Google News Lab). Here are a few top trends from this week:

Hurricane Irma

Irma was on the minds of many throughout the week, as the hurricane devastated the Caribbean and headed toward the U.S. As Florida braces for impact, people are searching for how to prepare—top searches in Florida include “how to board up windows” and “how to install hurricane shutters.” Floridians are also searching for where they can stock up on supplies like sandbags and water. Across the U.S., top queries include, “Where has Hurricane Irma hit?” “How wide is the eye of Hurricane Irma?” and “How to volunteer for Hurricane Irma?”


President Trump’s administration rescinded DACA (Deferred Action for Childhood Arrivals), which provides legal protection for immigrants—known as “Dreamers”—who came to the U.S. unlawfully as children. People searched for more information about the legislation, as well as information about how to take action. The top three questions about DACA were: “What to say to senators about DACA?” “When was DACA set to expire?” and “What do DACA recipients receive?” The top three states searching for DACA—Arizona, California and New Mexico—are ones with high populations of Dreamers.

On a lighter note

This week, celebrity news was ready to pop with baby announcements. Two celebrity couples—Kim Kardashian and Kanye West, and Princess Kate and Prince William—are expecting baby number three. Top searches for Kim and Kanye were about Kim’s surrogate, and people wanted to know who the surrogate is, why they’re using one, and how much they’re paying her. As for William and Kate, people are curious about the ages of the parents as well as the ages of their babies. If all this baby talk has you wondering about popular names these days, the top searched baby names this week were James, Isabella and Michael.

“Wow, in front of the Pope!”

That’s how the head of the Catholic Church responded when a young man proposed to his girlfriend during a papal audience. Bold move. People were searching about the proposal and for other Pope-related information like, “How long has the Pope been the Pope?” and “What country did the Pope recently visit?” And speaking of proposals … the top “how to’s” related to proposals include: “How to know if you should propose, “How to get your boyfriend to propose,” and “How to tell if he’ll ever propose.” Not sure Google (or the Pope) can help answer that one.

Roses are red, chocolates are ruby

The final trend of the week ends on a sweet note. Swiss company Barry Callebaut debuted a new natural ruby-colored chocolate this week, and chocolate lovers must know: “Where to buy ruby chocolate? “What variety bean is used in ruby chocolate?” and “Is Ruby chocolate vegan?” Other than pink chocolate, top searched pink foods this week were “pink drink Starbucks,” “pink moscato” and “pink champagne.”


This week’s #teampixel feature:

Category: Google | Sep 8, 2017

This week’s tips come from Naina Redhu, India-based lifestyle photographer and blogger, who says that more is more when shooting but less is more when sharing. Check them out, then grab your Pixel to practice.

What/who are your favorite photography subjects?

I look for colors, textures, shapes and light. I’ll photograph anything/anyone, whether inanimate or alive. If it helps me capture a memory, even better.

What is the biggest difference between shooting on a phone versus camera? Do you prefer one over the other?

Phone photographs, in my opinion, force me to be a better photographer. I need to get the image right the first time. With a DSLR I can be a bit lazy and can adjust exposure / contrast later. Even if a phone has the ability to capture RAW images, it’s still not a full-frame sensor. If I had my way, I would photograph everything with a phone. Especially the Google Pixel. The quality of images it allows me to produce is insane.

What’s a piece of advice for capturing great shots?

Shoot a lot. Use technology to your advantage. Use the burst mode. Don’t be shy to use the Auto/Program mode to your advantage. You focus on the subject and let the gear worry about optimum settings.

Then choose which images to share wisely. Just because you have something on your camera roll doesn’t mean it deserves to be shared publicly. Curation and selection are also important. When in doubt, hit the shutter button. You can always decide to delete the capture but you can’t create the capture after the moment has passed.

Don’t miss #teampixel’s final moments of summer, and check back for more photos this fall! images looks for “colors, textures, shapes and light” when photographing

Screen Shot 2017-09-07 at 12.00.02 PM.png

A cat with a cartoon smile by @jjb961, flying solo by @decadance


A little slice of heaven near San Andrés Islas by @joelmarkgranger

Screen Shot 2017-09-07 at 12.01.54 PM.png

Visiting Mehrangarh Fort with @amusinging, throwing shade with @mrberliner

Screen Shot 2017-09-07 at 12.08.24 PM.png

Cool mornings with a collie in Nose Hill Park by @haylescolin, and buggin’ out at Heart Rock Trail with @lizziephillips81

Screen Shot 2017-09-07 at 12.07.26 PM.png

Sunny and striped in Costa Nova, Aveiro, Portugal by @travelgrammage, and on the up & up at Rangoli Greens with @jaineetmandot


Improving our privacy controls with a new Google Dashboard

Category: Google | Sep 8, 2017

Data helps improve our products, keep them safe, and—with your permission—tailor them to match your interests.

But those interests, and how you want them to shape your Google experience, are constantly changing. That’s why we build powerful, easy-to-use tools that enable you to adjust your privacy preferences, anytime. We’re constantly working to refine these tools based on your feedback. In 2016 alone, we asked 4,000+ people from more than 15 countries around the world to tell us how they feel about privacy and security. This kind of feedback helps us build thoughtful products that cater to your needs.

Today, we’re announcing a refresh of the Google Dashboard, one of the first places people visit to see the products they use and the data associated with them. It will launch everywhere beginning next week. We also have some updates on the trends we’re seeing across our existing privacy tools and controls.

Making it easier to use Google Dashboard

Google Dashboard launched in 2009 to give you a snapshot of the Google products you use, all in one place. You could review your Google activity in the last month, see how many emails, docs and photos you have, and get answers to questions about Gmail settings. Dashboard also offered quick access to select product settings and related help center articles.

But as we built new tools like My Account and My Activity, it became clear that we needed to better integrate Dashboard into our other privacy controls. It should always be easy for you to make meaningful decisions about your data—and we decided we could do better.

In the coming days, we’ll be rolling-out a brand new version of the Google Dashboard. Here’s how it looks:

Google Dashboard

The Google Dashboard before (left) and after (right) the update

We re-designed Dashboard from the ground up. The most important change was to improve usability on touchscreens, ensuring Dashboard works well on any device. We also worked to make it easier to see an overview of the Google products you use and your data in each of them. And we made the process for downloading data much easier.

Powerful privacy controls that work for you

You may not use them every day, but our privacy controls are there whenever you need them. And we’re happy to see that they’ve proven to be useful for many people, each with their own needs.

Last year, we launched My Activity to provide a single, private destination where you can see how you’ve used our services. More than 150 million people have used My Activity to track down that funny video they watched, remember the obscure search that pointed them to that fascinating news article, and much more. Of course, if you want to delete any of your items in My Activity, you can. You—and only you—can view and control the information in My Activity.

Our My Account launch in 2015 included the Privacy Checkup, a simple tool for controlling your data across Google and updating the personal information you share and make public. We’re pleased to report that the checkup has been popular: Tens of millions of Google users around the world have used it to help suit their privacy preferences. My Account has also proven popular with and valuable to our users, with hundreds of millions of visitors every year.

In 2011, we created “Takeout,” now known as “download your data,” to enable anyone to download a copy of their data or export their information out of Google. Since then, users have downloaded more than one exabyte of data, and today we see more than 1 million exports every month. You can already move your data directly to OneDrive and Dropbox, and we’ll soon add Box and other options as well.

In 2009, we launched our ads preferences manager, now called Ads Settings. This is a powerful dashboard where you can control how we tailor ads to you, across the web and on YouTube. The tool has more granular controls as well. For example, if you only want to see ads related to certain types of categories, like sports or entertainment, you can add those categories and remove others.

Building tools that help people understand the data stored with their Google Account and control their privacy is a constantly evolving effort. We’ll never stop working to refine and improve. To learn more about our commitment to protect your privacy, visit


Celebrating International Literacy Day

Category: Google | Sep 8, 2017

UNESCO’s International Literacy Day is a moment to celebrate the magic of reading, and to find solutions that can help the more than 250 million children around the world who lack basic literacy skills. Many of these children are at risk of falling even further behind due to a lack of sufficient reading materials or access to environments that promote learning. For example, in the U.S., each year 43.2 books are published for every 100,000 people, while in India, a country with 22 official languages, that number is only 6.3.

Earlier this year, announced a $50 million commitment to support organizations that are using technology to increase literacy and close the global education gap. As part of this effort, Pratham Books received a grant to accelerate development of their StoryWeaver platform, which allows anyone to read, write and translate digital stories for free. These translations, as well as the original stories, are openly licensed, meaning they’re available for free for anyone to download, remix and distribute for use in the classroom and beyond.

Today marks StoryWeaver’s second birthday. When the platform launched in 2015 it featured 800 stories in 24 languages. Since receiving a grant from, StoryWeaver has grown dramatically to now have 4,600 stories in more than 90 languages and a global readership of 2 million. StoryWeaver also recently won the 2017 Library of Congress Literacy Award.

To celebrate International Literacy Day, during the month of September we’re mobilizing Googlers from Dublin to Singapore to Mountain View to volunteer to translate stories for young readers. Googlers speak more than 70 languages, so we’re hosting hour-long volunteer events (“translate-a-thons”) in our global offices, where Googlers can come together to translate books.

Googler participating in a StoryWeaver Translate-a-thon

Googler Mahmoud Ramadan participates in a StoryWeaver Translate-a-thon

Earlier this week, Googlers in our Dublin office—itself home to 65+ languages—kicked off our very first translate-a-thon. Xime Daud decided to translate “Gul in Space,” a story about a young girl traveling to the International Space Station, from English into Spanish. Halfway across the world, a Singapore-based Googler, Marv Echipare, also translated “Gul in Space,” this time into Tagalog. Afterward, he said: “In the Philippines, there is a dichotomy between those who are well off and have access to books, and those on the other side, where you see small rural villages that hardly have access to anything. If technology can bring learning material like these books to them, that’d be great, and the first step is putting it in a language they understand.”

Have 20 minutes to spare? Consider authoring, translating, illustrating or reading a story on StoryWeaver!


7 ways admins can help secure accounts against phishing in G Suite

Category: Google | Sep 8, 2017

We work hard to help protect your company against phishing attacks—from using machine learning, to tailoring our detection algorithms, to building features to spot previously unseen attacks. While we block as many external attacks as we can, we continue to build and offer features designed to empower IT administrators to develop strong internal defenses against phishing.

Here are seven things we recommend admins do in G Suite to better protect employee data.

1. Enforce 2-step verification

Two-step verification (2SV) is one of the best ways to prevent someone from accessing your account, even if they steal your password. In G Suite, admins have the ability to enforce 2-step verification. 2SV can reduce the risk of successful phishing attacks by asking employees for additional proof of identity when they sign in. This can be in the form of phone prompts, voice calls, mobile app notifications and more.

Image 1: phishing post

G Suite also supports user-managed security keys—easy to use hardware authenticators. Admins can choose to enforce the use of security keys to help reduce the risk of stolen credentials being used to compromise an account. The key sends an encrypted signature and works only with authorized sites. Security keys can be deployed, monitored and managed directly from within the Admin console.

2. Deploy Password Alert extension for Chrome

The Password Alert chrome extension checks each page that users visit to see if that page is impersonating Google’s sign-in page and notifies admins if users enter their G Suite credentials anywhere other than the Google sign-in page.

Admins can enforce deployment of the Password Alert Chrome extension from the Google Admin Console (Device management > App Management > Password Alert)—just sign in and get started. You should check “Force installation” under both “User Settings” and “Public session settings.”

Image 2: phishing post

Admins can also enable password alert auditing, send email alerts and enforce a password change policy when G Suite credentials have been used on a non-trusted website such as a phishing site.

3. Allow only trusted apps to access your data

Take advantage of OAuth apps whitelisting to specify which apps can access your users’ G Suite data. With this setting, users can grant access to their G Suite apps’ data only to whitelisted apps. This prevents malicious apps from tricking users into accidentally granting unauthorized access. Apps can be whitelisted by admins in the Admin console under G Suite API Permissions.

Image 3: phishing post

4. Publish a DMARC policy for your organization

To help your business avoid damage to its reputation from phishing attacks and impersonators, G Suite follows the DMARC standard. DMARC empowers domain owners to decide how Gmail and other participating email providers handle unauthenticated emails coming from your domain. By defining a policy and turning on DKIM email signing, you can ensure that emails that claim to be from your organization, are actually from you.

5. Disable POP and IMAP access for those who don’t need it

The Gmail clients (Android, iOS, Web) leverage Google Safe Browsing to incorporate anti-phishing security measures such as disabling suspicious links and attachments and displaying warnings to users to deter them from clicking on suspicious links. 

By choosing to disable POP and IMAP, admins can ensure that all G Suite users will only use Gmail clients and benefit from the built-in phishing protections that they provide. POP and IMAP access can be disabled by admins at the organizational unit level.

Note: all third-party email clients including native mobile mail clients will stop working if POP and IMAP are disabled.

Image 4: phishing post

Image 5: phishing post

6. Encourage your team to pay attention to external reply warnings

By default, Gmail clients (Android, Web) warn G Suite users if they’re responding to emails sent from outside their domain by someone they don’t regularly interact with, or from someone not in their contacts. This helps businesses protect against forged emails, from malicious actors or just plain old user-error like sending an email to the wrong contact. Educate your employees to look for these warnings and be careful before responding to unrecognized senders. Unintended external reply warnings are controlled from the Admin console control in the “Advanced Gmail” setting.

Image 6: phishing post

7. Enforce the use of Android work profiles

Work profiles allow you to separate your organization’s apps from personal apps, keeping personal and corporate data separate. By using integrated device management within G Suite to enforce the use of work profiles, you can whitelist applications that access corporate data and block installation of apps from unknown sources. You now have complete control over which apps have access to your corporate data.

Image 7: phishing post

These steps can help you improve your organization’s security posture and become more resistant to phishing attacks. Learn more at or sign up for our security webinar on September 20, 2017 which features new security research from Forrester and a demonstration on how the cloud can help effectively combat cyber threats.