Google has added two-factor authentication for Google Apps, allowing admins to require user passwords and additional verification from a user's mobile phone. Google Apps also notched its 3 millionth business customer.
Google Sept. 20 said it has added two-factor
authentication for Google Apps, a move that should make the cloud collaboration
software more palatable for enterprises requiring greater security.
Two-factor verification is a boon at a time when
passwords are often the weak link in the security fence software makers put up
around their applications. People use the same passwords across too many
Websites or get tricked into revealing them to those with malicious intent.
When administrators of Google Apps Premier, Education and
Government editions enable the technology from their control panel, users must
sign in to their Apps account with the usual password and a mobile phone.
Upon entering a password, a verification code is sent to a
users' mobile phone via SMS, voice calls, or generated on an application they
can install on their Google Android, RIM BlackBerry or Apple iPhone handset.
"This makes it much more likely that you're the only
one accessing your data: even if someone has stolen your password, they'll need
more than that to access your account," explained Eran Feigenbaum, director
of security for Google Apps, in a blog post.
Users may can also signal that they don't want to be
asked for a verification code from specific computers in the future.
Admins can access it from the English version of the
Admin Control Panel now.
While available only for paid Google Apps users today,
Google will offer the same two-factor authentication to the "hundreds of
millions" of Google Apps Standard Edition users in the coming months. end
users can set it up in the Accounts tab in Gmail settings.
Google has been taking a number of steps to enhance
Google Apps security to lure new business customers from Microsoft, IBM and
Novell collaboration suites.
For example, the company in July attained
FISMA, or Federal Information Security Management Act certification
and accreditation from the U.S. government's General Services Administration.
Google also added
HTTPS encryption and the ability to set
minimum password length requirements for Google Apps.
Google's security move, announced at the Google
Atmosphere cloud computing event in Paris today, comes as the company has just
notched its 3 millionth business customer. Google
the two million business plateau last October.