Posted by Neil Delaney, Director, Global Inside Sales / Mid-Market, Google Apps for Work


Back in October, we made it easy for companies locked into an Enterprise Agreement (EA) to switch to Google Apps by providing our productivity suite for free until their existing contracts expired. We even helped prospects with the deployment costs of going Google through the help of our Google for Work Partners. And if interested companies weren’t under contract, we offered to help pay for their migrations from other solutions to Google Apps.

Since then, nearly 200,000 additional users have gone Google. We’ve also received tremendous interest to make the program available to smaller companies. So today, we’re excited to announce we’re extending the global program until the end of 2016. Companies between 250 and 3,000 that currently have an EA with another vendor can qualify for zero-cost Google Apps licenses for the term of their existing EA. And now, companies with 100 users (previously 250) to as many as 3,000 can qualify for a Deployment Voucher. This greatly expands the number of companies that can take advantage of the Deployment Voucher.

In addition to saving money and improving business productivity, the security benefits of Google Apps are especially valuable to mid-market businesses. For mid-market customers that sign up for this promotion, Google will pay for a Security Workshop, to the value of $750USD, through our trained Partners, to help them maximize the security and data protections Google Apps offers.

One example of those data protections are Security Keys. To help get customers started with security keys, our security partner Yubico will provide a limited number of free Security Keys for mid-market customers. These keys help protect users from phishing, account hijacking and other attacks with 1-touch encrypted, 2-step verification. They’re state-of-the art in account protection. They’re also a great example of the security benefits of Google Apps. Additional Security Keys can be purchased at a 50% discount.

Finally, with this announcement, a number of our Recommended for Google Apps for Work partners are announcing additional cost-savings for Google Apps mid-sized companies. Customers can now get similar savings when they build structured document lifecycles and workflows with AODocs and Powertools, move business phone systems to the cloud with Dialpad, use a tightly integrated CRM from Prosperworks or manage projects online with Smartsheet.

Our EA program gives new customers the opportunity to influence the move to Apps — and gives decision makers the final incentive to make the switch.

“Even before we made the official switch to Google, many of our employees used Apps without involving IT. Our entire international team migrated on their own before the roll out, because our previous solution didn’t mesh with their workflow,” says Sam Davidson, systems engineer at The Motley Fool. “Our previous solution was sluggish, with pretty consistent outages. We wanted to move to Google Apps, but we were locked into a three-year contract with our previous provider. The [EA] program allowed us to make the switch much sooner.”

Mid-size companies don’t always have the same resources as larger enterprises, and constraints (like contract lock-in) shouldn’t hinder collaboration or efficiency at work.

Additionally, companies with basic EAs and no dependencies have the potential to cut costs by up to 70 percent through switching to Google Apps for Work.

“Peterborough City Council took advantage of the EA program when the previous provider wouldn’t let us move from on-premise to the cloud without breaking a contract. Our council felt comfortable making the switch after evaluating companies and other councils that had already gone Google,” says Richard Godfrey, Project Director at Arcus Global and formerly Assistant Director, Digital at Peterborough City Council, England. “We’ve come to expect the pace of innovation that Google offers, as well as the flexibility it enables for our team. Google Apps will give us the freedom to work anywhere; all our employees need is a Chromebook, mobile phone and an internet connection.”

Learn more or call 844-420-0601 to get started now!

Posted by Gerhard Eschelbeck, VP of Security & Privacy Engineering


I’m quite excited to be speaking at the RSA Conference this week in San Francisco, joined by thousands of security professionals from around the world. If you’re attending RSA, please visit Room 2004 at 2:20 p.m. tomorrow. I’ll talk a bit about my experience in the security industry and share some of the challenges and advantages I’ve experienced protecting users and customers at Google. Like many professionals visiting the conference, I became interested in security many years ago because it was a challenging, exciting and intellectually fascinating area. Back then, very few of us could have predicted how those challenges would grow in scale and complexity. But the technology available to address those challenges has also evolved, and today I see a safer Internet within reach.

When we think about innovation at Google, most of us think about balloons delivering wireless access or driverless cars. But for many years, we've been innovating at scale with security as well. Google has a long history of accelerating innovation and facilitating the adoption of new technology — like two-step verification (2SV), Security Keys, SSL encryption and even removing spam in email. Remember when spam was going to cripple email in the 90’s? Today, spam is down to less than 0.1% for the average Gmail user — one of the earliest and finest examples of applying massive computing power and machine learning to solve a big security challenge. We believe technology can help solve more of the challenges we face.

For example, today we’re adding new features to our Data Loss Prevention solution in Gmail. For users, security should just work. Because sensitive information can reside not just in text documents, but also in scanned copies and images, DLP for Gmail now uses Optical Character Recognition. We've also introduced additional detection parameters for fine-grained policy control and offer broader coverage of HIPAA data and personally identifiable information (PII) globally.

Many of us today see how large cloud providers play an increasing role in keeping our important information secure. At Google, we’re certainly putting our shoulder to the wheel.

To learn more about Google on security, check out my recent roundtable discussion on Medium. See you tomorrow in San Francisco!

Posted by Suzanne Frey, Director, Security and Privacy Engineering, Google Apps for Work

Today is Safer Internet Day, a moment for technology companies, organizations of all sizes and people around the world to focus on online safety, together. To mark the occasion, we’re adding two new security features to Gmail that will roll out to Google Apps domains in the coming weeks.

First, users who receive a message from, or who are about to send a message to, someone whose email service doesn’t support an encrypted connection (TLS), will see an open lock icon in the message. Users won’t see this icon when sending mail from one Google-hosted domain to any other, including gmail.com, since those emails are always sent over an encrypted connection. Gmail will always send and receive messages over TLS, unless the connecting service doesn’t support it.

Second, users receiving messages that aren’t properly authenticated with either Sender Policy Framework (SPF) or DKIM will see a question mark in place of their profile photo, corporate logo or avatar. Read more about both of these features on the Gmail blog.

To make the most of this day and every day forward, here are some additional features you can use as a Google Apps for Work admin to help protect user data.

1. Increase security at login, while keeping things easy for users                     Two-step verification is a well-known protection against the theft of login credentials, the most frequent threat on the Web today. As an admin, you can easily enforce use of 2-step verification to enhance security for all users in your Google Apps domain. Security keys make authentication even more secure and more convenient for users. They’re easy to deploy and easy to manage, and as a Google for Work customer, you even get a 50% discount.



2. Prevent sensitive information from leaving your network                               Activate Data Loss Prevention (DLP) to help prevent information from being revealed to those who shouldn’t have it. Gmail DLP automatically checks all outgoing emails and takes action based on predefined policies, which include quarantining the email for review, telling users to modify the information or blocking the email from being sent and notifying the sender. Check out our DLP whitepaper and learn how to get started. Stay tuned for more on DLP later this quarter.



3. Get the mail you want, not the spam you don’t                                                   Gmail has long been known for its smart spam filters, today spam is only 0.1% of messages in the average Gmail user’s inbox. To help you track and improve the quality of the mail sent and received at your domains, you can use the Postmaster Tools. You should also follow the best practices outlined in Google’s sender guidelines. For example, create a Sender Policy Framework, prevent spoofing by adding a digital signature to outgoing messages using DKIM and create a DMARC record to track and prevent unauthenticated messages sent from your domain.



4. Enforce mobile device policies in your organization                                       Mobile Management lets you control the devices that can connect to your users' Google Apps data, whether iOS or Android, and perform actions like remote wiping.

These are a few steps that can go a long way. If you activate any of these features today, you will contribute to an ever-brighter future for your brand, customers, employees, ideas and assets. The Internet is a big place, and it’s going to take global teamwork to make it the most secure.

We are grateful to be the trusted technology partner of businesses worldwide as we work together to make the Internet a safer place for everyone, everywhere.

Posted by Erzsi Sousa, Product Marketing Manager

Editor's note: We’re jumping into our Delorean to explore how some of our favorite historical figures might have worked with Google Apps. Today, in honor of National Breast Cancer Awareness Month, we imagine how Marie Curie’s discovery of radioactivity, which won a Nobel Prize and revolutionized modern cancer treatment, might have played out in a Google Apps universe.

Consider what Marie Curie accomplished in the face of adversity and with few resources. Despite being refused a place at the French Academy of Sciences and almost denied her first Nobel Prize for being a woman, she continued her work undeterred, securing a second Nobel Prize in Chemistry and developing methods for treating cancer with radiation therapy. To celebrate her, we explore how she might have worked in a different time — by using some of the tools we use today.

The radioactivity in Curie’s lab was so strong that it harmed her health — archivists today still use protective gear to handle her papers. Instead of carrying these radioactive documents, Curie could have kept them in the cloud with Google Drive, allowing for easy access whenever and wherever she needed them, without risking her well-being. Drive’s organization features could also have helped her organize her files and notes in folders, easily distinguishable by color and category.

Her easy access to files would also be secure with Drive’s built-in security stack. And to prevent anyone from stealing her discoveries, Marie Curie could have conveniently protected all of her files using the Security Key for 2-step verification along with password protection. This would ensure that she was the only one who had complete access to all of her work (she may even have thrown on a screen protector to shield her work from spying eyes on the train). To share the right documents with only the right people, Marie could have used sharing controls to give different groups access to relevant research.

With the voice typing feature in Google Docs that supports 40 languages, she could have dictated her numerous notes in her native Polish without stopping her research. She could have then used Google Translate to convert her papers into other languages, so that the global science community could see what she was working on.

Curie could have used Gmail’s Priority Inbox to create labels and organize her messages related to research, teaching and fundraising. Each label filters emails into its own section in her inbox, making it easy to notice new emails when they arrive. She might have created a “Physicist Community” label for correspondences with Pierre and other influential scientists like Henri Becquerel and Albert Einstein. She might also have used a “Fundraising” label to organize messages from members of the press and government who funded her research, including U.S. presidents Warren G. Harding and Herbert Hoover.

Even Marie Curie could have been the victim of seemingly neverending reply-all email threads. With Gmail, she could have avoided these distractions by muting the message so responses are automatically archived. For example, Curie could have muted the message from her Sorbonne colleagues who abused “reply all” in RSVP emails or broke out into a physics debate, letting her focus on important emails only.

With Google Hangouts, Curie could have broadcast her physics classes to a global audience using Hangouts on Air. As the first woman professor at the Sorbonne in Paris, making her classes available online could have given more women access to lectures from a renowned physicist during a time when many universities wouldn’t admit female students. She might even have started her own grassroots movement, using live video chats to bring advanced science into the homes, coffee shops, underground classrooms, etc., of whoever chose to tune in.

Marie Curie accomplished award-winning work, even without access to the most advanced lab technology of the time. It’s humbling to consider that despite any limitations she encountered, Curie’s pioneering work in radioactivity remains so relevant today as we continue to make advances in not just physics and chemistry but also engineering, biology and medicine, including cancer research, on the basis of her discoveries.

Posted by Scott Johnston, Director of Product Management, Google Drive

Security has always been a top priority for Google. It’s no different for Google Drive: so far this year we’ve launched a number of security enhancements, including Information Rights Management (IRM), custom audit alerts, new sharing controls, Password Alert, new password recovery options, Whitelisted Domain sharing and the Security Key.

Earlier this year, the number of paying organizations actively using Google Drive crossed one million, including companies like The New York Times, Uber, Fossil, Wedding Wire and BBVA. To show our ongoing commitment to keeping their work and employees safe, we’re rolling out new updates and features for our customers.

Enhanced eDiscovery with Google Apps Vault
To give businesses even more visibility and control over employee files, Google Drive will offer enhanced eDiscovery capabilities for Google Apps Vault. Retention policies and legal hold capabilities, similar to those currently available for email and chat, have been extended to cover files in Google Drive. These capabilities help you meet your legal obligations and ensure that employee files are archived and available as long as needed, even if employees delete those files from their Drive. These new capabilities are in a limited rollout now, with full availability planned for the coming months.

A new standard for privacy
Over the years we’ve completed third-party SOC2 / SOC3 security audits and achieved ISO 27001 certification to provide transparency and accountability around our security procedures. Today, we’re furthering our commitment to protect your data by adding the new ISO/IEC 27018:2014 privacy standard to our compliance framework. This audit validates our privacy practices and contractual commitments to our customers, verifying for example that we don’t use your data for advertising, that the data that you entrust with us remains yours and that we provide you with tools to delete and export your data.

More secure, even on the go
More and more employees are using phones and tablets for work, and usage of Google Drive on mobile is on the rise. In fact, in January of this year, Google Drive first appeared on ComScore’s list of top 25 mobile apps at number 25, and since then it has climbed to number 16 on the list.¹ To protect company data on mobile devices, both company- and employee-owned, we’ve continued to update the Mobile Device Management (MDM) included for our business customers. With mobile device and application management, you can monitor usage, enforce strong passwords and enable device encryption. If an employee phone is lost or stolen, you can wipe all of the data. Or if an employee leaves the company, you can selectively wipe corporate data while leaving personal data untouched.

Today businesses rely on the cloud to make their work more accessible and collaborative than ever, and they also want it to be more secure. We’re committed to making Google Drive the safest place for all of your work.

---

1 Source: comScore Mobile Metrix, August 2015, U.S.

Posted by Marc Crandall, Head of Global Compliance, Google for Work

Nearly a decade ago, we launched Google Apps as an innovative new way for you to collaborate online. Since then, we’ve introduced security innovations like encryption by default, two-step verification, security keys and a security checkup to protect your data. These features underscore our commitment to data protection as outlined in our Google Apps data processing amendment.

Today, we’re furthering our commitment to protect your data by adding the new ISO/IEC 27018:2014 privacy standard to our compliance framework. The new standard provides guidance for cloud providers on protecting the personally identifiable information of their customers and their customers’ users.

Ernst & Young, an independent auditor, has verified that our privacy practices and contractual commitments for Google Apps for Work and Google Apps for Education comply with ISO/IEC 27018:2014. For example:

• We do not use your data for advertising
• The data that you entrust with us remains yours
• We provide you with tools to delete and export your data
• We protect your information from third-party requests
• We are transparent about where your data is stored

We continuously work with independent auditors to verify our data protection commitments. For example, over the years we’ve completed third-party SOC2 / SOC3 security audits and achieved ISO 27001 certification to provide transparency and accountability around our security procedures.

The 27018 audit also validates that our Google Apps data protection commitments meet a rigorous international privacy and data protection standard. We think that this a great step forward for both our customers and for the industry. While laws and regulations vary from country to country, the principles set forth in the standard are widely recognized.

Posted by Eran Feigenbaum, Director of Security, Google for Work

Security has always been a top priority for Google. But security innovation is only as good as the number of people who use it. Part of that is making adoption super simple – that’s why we, along with the FIDO Alliance, created the Security Key, so that with a simple tap of the key you can send an encrypted 2-Step Verification signature to ensure your login information cannot be phished. And the other part is getting it into more hands. So today we’re announcing a 50% discount on Security Keys for Google Apps customers purchasing keys from Yubico, a Security Key manufacturer.

New admin controls are also rolling out today, to make it easier for Google Apps Unlimited administrators to deploy, monitor and manage Security Keys for their domains. As a Google Apps admin, once Security Keys have been activated by employees, you can see where and when employees last used their keys through usage tracking and by generating reports. You can easily revoke access to lost Security Keys and provide backup codes, so employees can still sign-in and get work done.

Security is never a done deal, and we're continuously working to stay ahead of those with bad intentions. We hope you join us on this continuous journey and take advantage of the Security Key technology, the discount on Yubico keys, and tools to deploy them at scale for your organization.