Cybersecurity requires continual vigilance, whether it's using built-in protections, or providing resources for changing security threats. In acknowledgement of Cybersecurity Awareness Month, we wanted to share our progress across a number of security efforts, and announce a few new technologies that help us keep more people safe online than anyone else.
Continuing our efforts to keep you safer online
In the past year, we’ve worked on various security upgrades, from making sign-ins easier and more secure, to spreading awareness of specific threats. Recently, we shared our experiences from the last decade of building a world-class security operation with a behind the scenes look at our elite security teams in the new HACKING GOOGLE docuseries. Now, we’re building on our work by providing educational resources.
Today, we’re officially launching the online safety lessons we announced earlier this year. The lessons feature Khan Academy founder, Sal Khan, and Google security experts, giving actionable tips to help keep your online accounts secure, browse the web safely, detect phishing attempts and more. Whether you’re a professional, parent, grandparent or student, these videos — and Khan Academy's Internet Safety course — will help you stay safer even as new security risks emerge online.
For years, we’ve been at the forefront of improvements to authentication technology, and earlier this year we shared the progress we’ve made on our Google Password Manager in Android and Chrome, and how we’re accelerating industry-wide progress toward a passwordless future. Today, we’re announcing the next stage in this journey with the release of passkey support for developers on Android and Chrome. General availability for everyone using Android 9 and higher will follow later in November. This is a critical step in the wide adoption of passkeys, which will work with your Google Password Manager to further simplify sign-ins across devices, websites and applications — no matter the platform. The best part? Instead of typing a password, you can sign in with whatever method you usually use to unlock your phone (passcode, fingerprint, facial recognition, etc.).
Partnering to protect high-risk users
With the U.S. midterm elections quickly approaching, we’re continuing to protect high-risk users, like journalists and campaigns, through our security tools and partnerships. Our Campaign Security Project with Defending Digital Campaigns provides organizations across the political spectrum with tools and resources to train candidates and campaign workers on how to stay safe online. To date, the program has trained over 5,300 election-related stakeholders over the course of 52 training sessions and workshops around the country — allowing us to better protect these high-risk individuals amid a changing threat landscape.
We’re also continuing to help protect democracies on a global scale by collaborating with leading organizations like the International Foundation for Electoral Systems (IFES). This collaboration helps high-risk users enhance their cybersecurity with the Advanced Protection Program (APP), our strongest form of account security for those at risk of state sponsored attacks. We’ve also continued to donate Google Titan Security Keys to high-risk organizations and individuals, which can be used as a form of 2-Step Verification (2SV) for advanced account security.
Products that keep you secure by default
For security to be effective, it has to be easy, which is why most of our protections are built-in and automatic. For example, Google Play Protect provides automatic, daily malware scanning on all the apps on your Android device, even when you're offline. And our 2-Step Verification (2SV) requires just one tap to create secure, verified access to your account. Now Google is making it even easier to enroll in 2SV and get security notifications:
- 2SV enrollment with Google Assistant: Simply ask, “Hey Google, how do I set up 2-Step Verification?” If you’re not enrolled, Assistant will even remind you to sign up when you ask privacy and security questions, such as, “Hey Google, how do you keep my data safe?" We’re also making it easier to apply software updates — a critical step in securing your devices — by enabling auto updates via Google Home.
- Safety status: To further strengthen the security of your account, we’re making safety status on your Google Account easily visible as part of your profile picture across the apps you use every day. If anything on your account needs security attention, you’ll know right away. A simple yellow or red alert will highlight actions you should take to secure your account, so you never have to worry about missing a critical security update again.
- Safety Insights: We’re rolling out a feature in the Google app for iOS that gives you site-specific safety information — including a description of the cookies used by the site, alerts for unsecure sites and soon, reminders for passwords that may have been compromised. You can also access the “Results about you” tool, which allows you to request the removal of search results that contain your personal contact information (i.e., phone number, home address, email address) from search results.
Keeping your connections private and secure
We build our products with your privacy and security in mind. That’s why our latest Nest cameras and doorbells are designed for your security: They use encrypted video, 2SV, and the enhanced security of your Google Account. And today, we’re announcing that if you have a Pixel 4 or more recent model that uses Android 12 or above, your mobile traffic on the Google Fi cellular network is automatically encrypted and private.
As we continue into Cybersecurity Awareness Month, stay tuned for more updates — from keeping the upcoming elections safer, to moving us further into a passwordless world. Visit our Safety Center to stay up to date and learn more about how we’re making every day safer with Google.