Google Nudges Customers Toward Two-Factor Authentication

8 Reasons Cloud Email Is A Smart Move Now

Google is encouraging its customers, whether they are enterprises users, small businesses, or just casual users, to strengthen the security of their online accounts with a new two-step verification offer.

The process involves signing into Google as usual, but then being asked for an additional code, which Google sends through the user's choice of text, voice call, or through its mobile app. A security key is also an option, for anyone who already has one.

There's also the option to not use two-step verification on a particular device, such as a home computer. That way, a user can still separate his or her home life and persona from a counterpart at work.

Here it might be said that in true Google fashion it's attacking a problem commonly mentioned in the same breath as "national security" with straightforward designs, cute illustrations, and the gentlest touch.

"It's easier than you think for someone to steal your password," Google states in a san-serif typeface that reads like a kindergarten teacher's voice.

Following that are three clear bullets stating ways that you or I, through no fault of our own, might find ourselves in trouble.

That pattern then gets repeated after the prompt: "Imagine losing access to your account and everything in it."

Finally, the invitation to something already wildly popular, "Join millions of others who have made their accounts stronger with 2-Step Verification."

It's marketing perfection, and only the latest way Google is cracking down on growing security threats, particularly as differentiators between our Google home and work lives begins to blur.

On Feb. 25 Google announced it was expanding Project Shield beyond its initial test group, and now any news organization can sign up for free protection against denial of service (DDos) attacks.

In December, Google announced that its Google Apps Unlimited customers are now also experiencing Data Loss Prevention (DLP) for Gmail, a program that allows users to set rules around certain kinds of content. For example, Google might scan an email to ensure that credit card information hasn't been shared.

[Microsoft is amping up security for companies. Read Windows 10 Security Boost Targets Business PCs.]

Because while it's important to guard against bad guys (who in Google world have cat-burglar masks and 5 o'clock shadows), a lot of times it's us users creating the problems.

"Interestingly, a large percentage of data leaks happen accidentally," explains a Google for Work whitepaper. "Someone relies all when meaning to send a private message, chooses a client instead of a teammate who has a similar name, or doesn't realize how confidential certain data is."

In conjunction with the RSA Security conference, which kicked off Feb. 29, Google announced enhancements to DLP, using optical character recognition (OCR) technology.

It also showed off a whitepaper it commissioned from Forrester Consulting, which found companies that switch to Google Apps for Work to be experiencing an ROI of 213% over three years, and that over the same period, the collaboration benefits gained by teams using Google Apps has led to nearly $1 million in cost savings.

Rising stars wanted. Are you an IT professional under age 30 who's making a major contribution to the field? Do you know someone who fits that description? Submit your entry now for InformationWeek's Pearl Award. Full details and a submission form can be found here.