Google adds G Suite security tool to protect data from third party apps

Following this year's Gmail phishing attack, Google introduces a way for its enterprise customers to better secure which third-party apps can get access to user data.

gsuitewhitelist.png
Google

Google on Thursday introduced a new security feature for G Suite, enabling an organization to limit which third-party apps can gain access to its users' data.

After admins create a list of pre-approved apps with OAuth apps whitelisting, users can grant access to their G Suite data to any of the apps on the whitelist.

"This prevents malicious apps from tricking users into accidentally granting access to their corporate data," Google explained.

Earlier this year, Gmail users were hit by a phishing attack that abused Google's OAuth login page where third-party apps can request access to different permissions in Gmail. After the incident, among other steps it took, Google slowed down the process for publishing web apps.