Google celebrated Safer Internet Day on Tuesday by offering people 2GB of extra Google Drive space to those who complete its online Security Checkup.
There is no Safe Internet Day. Security is a journey rather than a destination because online geography is always in flux. But our information highway can be made less perilous. Safer Internet Day, which dates back to 2004, offers an opportunity for organizations and individuals to improve their security posture and perhaps not to stumble.
The White House, for example, introduced its Cybersecurity National Action Plan, which calls for $19 billion to be invested to protect the government, the private sector, and citizens from potential cyberthreats. There will be similarly well-intentioned initiatives in the years to come, as there have been in years past.
Google's storage offer, good through Feb. 11, requires Google users to review security-related account settings, such as account recovery phone numbers and multi-factor authentication configuration. Google vice president of security and privacy Gerhard Eschelbeck advises doing this self-exam regularly.
Google also said that this week it will begin highlighting messages in Gmail that don't support TLS encryption or cannot be authenticated. Messages that lack TLS encryption will be displayed with a broken lock icon that links to a card with an explanation. Messages that cannot be authenticated using a framework like DKIM or SPF will display a question mark in place of the usual photo/logo icon at the top left corner of the message window.
"Not all affected email will necessarily be dangerous," explained product manager John Rae-Grant in a blog post. "But we encourage you to be extra careful about replying to, or clicking on links in messages that you're not sure about."
Google is doing this only for Gmail customers, but that's a sizable group of people. Earlier this month, the company said that Gmail now has over a billion monthly users.
[Find out how Google and Apple aim to kill passwords.]
Google's labelling of messages in Gmail may affect whether recipients choose to open flagged email. Reputable email marketers should have already taken steps to ensure deliverability by adopting TLS and DKIM/SPF. Those most likely to be affected are people running their own mail servers who haven't kept up with best practices or businesses in a similar situation.
The recent introduction of free SSL certificates from Let's Encrypt, however, should make it easier and more affordable to operate an email server that meets Google's expectations.
Google also published four Android security tips and provided details about its latest efforts to combat malicious advertising. The company has implemented automated filtering in its advertising network. The feature is designed to block traffic from three top ad fraud botnets, which together consist of over 500,000 affected computers.
Does your company offer the most rewarding place to work in IT? Do you know of an organization that stands out from the pack when it comes to how IT workers are treated? Make your voice heard. Submit your entry now for InformationWeek's People's Choice Award. Full details and a submission form can be found here.