Cranking up Google Apps for Work, using an actual key

Upping the ante on multi-factor ID

If the password isn’t dead, it ought to be, shout headlines. Security experts almost universally despise the use of the password as almost the only form of end-user authentication, but there simply aren’t that many alternatives.

Google, however, is dipping its toes into this particular pool with an announcement that admins can provide employees with physical security keys with Google Apps for Work, managing access and tracking usage from a centralized security console.

+ ALSO ON NETWORK WORLD: In case you aren’t suitably impressed by the scale of Amazon Web Services | Raytheon forms defense-grade security unit with $1.9 billion Websense buy +

Once enrolled, the USB key can be authorized or de-authorized remotely, in the case of lost or stolen keys, or if an employee is terminated, and logins using a particular key can be tracked over time and by location.

Early access users include Yelp and Woolworths, and Google said that the key management service will become generally available to Apps for Work users for no additional fees “in the coming weeks.”

The physical code-key isn’t exactly an entirely new concept – it’s been around in online gaming for some time, and Google already offers a USB key for authenticating personal Google accounts. Additionally, more and more services are using two-factor ID, generally by sending a verification code to a user’s smartphone. But the introduction of management tools for dedicated USB keys could prove a small but important advantage for Google’s growing enterprise presence.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2015 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)