Google launches a new form of secure login for corporate customers. It calls contextually conscious access. Instead of relying solely on users to set up two-factor authentication and manage secure passwords, contextual access will allow system administrators for G Suite companies to set a set of parameters in place that can prevent harmful third parties from accessing secure systems.
These parameters, as the name suggests, can now be based on the user's context: where they log in, the IP address of the machine they are using, the time of day, and other factors. The news was announced this morning the other day at the company's Cloud Next conference in San Francisco.
"People will increasingly access their critical business on the devices that make the most sense of how they work," writes Jennifer Lin, Product Manager at Google Cloud, in a blog posts published today. "Traditional access solution solutions, however, often add security in violation of flexibility by imposing one-size fits, all gross-size controls that restrict users."
Google reacts mostly to two trends here. The first is that the hacks are always becoming more sophisticated, with new solutions like SIM hacking to bypass SMS-based two-factor authentication and advanced forms of phishing that compromise login details. The other is that, with cloud and mobile access to external systems, modern work is increasingly spread throughout the world as employees access software on any number of different devices in any number of different locations and network environments.
To improve security, it makes sense that Google will give system administrators some more control over the conditions where the user can access a secure system that contains sensitive data. Currently, contextually aware access is reserved for selected G Suite customers who use the company's VPC Service Controls. Access for customers using Cloud Identity and Access Management (IAM), Cloud Identity-Aware Proxy (IAP), and Cloud Identity will be available soon.