{"id":504,"date":"2018-12-25T21:38:08","date_gmt":"2018-12-25T18:38:08","guid":{"rendered":"https:\/\/35.204.18.38\/ru\/?p=504"},"modified":"2026-06-02T18:05:44","modified_gmt":"2026-06-02T15:05:44","slug":"we-didn-t-get-bored-more-than-20-updates-to-chrome-enterprise-google-workspace-ex-g-suite-and-google-cloud","status":"publish","type":"post","link":"https:\/\/cloudfresh.com\/cs\/blog\/nenudili-jsme-se-vice-nez-20-updatu-chrome-enterprise-google-workspace-napr-g-suite-a-google-cloud\/","title":{"rendered":"”Nenudili jsme se” \u2013 v\u00edce ne\u017e 20 updat\u016f Chrome Enterprise, Google Workspace (nap\u0159. G Suite) a Google Cloud"},"content":{"rendered":"

Zabezpe\u010den\u00ed dat je jednou z nejv\u011bt\u0161\u00edch v\u00fdzev na\u0161\u00ed doby a Google Cloud ji p\u0159ij\u00edm\u00e1. Google Cloud<\/a> a Google Workspace<\/a> (ex. G Suite) v\u017edy pracuj\u00ed na tom, aby organizac\u00edm pomohly udr\u017eet krok s rostouc\u00edmi hrozbami, chr\u00e1nit jejich citliv\u00e1 data a roz\u0161\u00ed\u0159it mo\u017enosti zabezpe\u010den\u00ed.\u00a0<\/p>\r\n

Proto v posledn\u00edch n\u011bkolika t\u00fddnech spole\u010dnost Google ozn\u00e1mila vyd\u00e1n\u00ed \u0161irok\u00e9 \u0161k\u00e1ly produkt\u016f a vylep\u0161en\u00ed zabezpe\u010den\u00ed. Mysleli jsme si, \u017ee by bylo u\u017eite\u010dn\u00e9 d\u00e1t v\u0161echny zpr\u00e1vy na jedno vhodn\u00e9 m\u00edsto.\u00a0<\/p>\r\n

Zde je stru\u010dn\u00e9 shrnut\u00ed bezpe\u010dnostn\u00edch ozn\u00e1men\u00ed spole\u010dnosti Google v prvn\u00edm \u010dtvrtlet\u00ed roku 2018.\u00a0<\/p>\r\n

 <\/p>\r\n

Chrome Enterprise\u00a0<\/h2>\r\n

1. Nov\u00e9 partnerstv\u00ed v oblasti \u0159\u00edzen\u00ed podnikov\u00e9 mobility (EMM)\u00a0<\/strong><\/p>\r\n

Spole\u010dnost Google ozn\u00e1mila \u010dty\u0159i nov\u00e1 partnerstv\u00ed s dodavateli EMM, kter\u00e1 pom\u00e1haj\u00ed spr\u00e1vc\u016fm IT spravovat a implementovat bezpe\u010dnostn\u00ed z\u00e1sady v cel\u00e9m jejich vozov\u00e9m parku za\u0159\u00edzen\u00ed z jednoho m\u00edsta. Cisco Meraki, Citrix XenMobile, IBM MaaS360 s Watsonem a ManageEngine Mobile Device Manager Plus nyn\u00ed podporuj\u00ed Chrome Enterprise.\u00a0<\/p>\r\n

2. Zlep\u0161en\u00ed Active Directory v Chrome OS\u00a0<\/strong><\/p>\r\n

Na z\u00e1klad\u011b integrace Chrome OS s Active Directory loni v srpnu Google p\u0159idal \u0159adu vylep\u0161en\u00ed, kter\u00e1 pom\u00e1haj\u00ed administr\u00e1tor\u016fm spravovat Chrome OS spolu se star\u0161\u00ed infrastrukturou. Pat\u0159\u00ed mezi n\u011b mo\u017enost ov\u011b\u0159ov\u00e1n\u00ed na koncov\u00fdch bodech pomoc\u00ed protokol\u016f Kerberos a NTLMv2 v m\u00edstn\u00edch s\u00edt\u00edch p\u0159\u00edmo ze syst\u00e9mu Chrome OS, podpora sd\u00edlen\u00fdch podnikov\u00fdch nastaven\u00ed slu\u017eby Active Directory, jako jsou skripty s v\u00edce dom\u00e9nami, a podpora st\u00e1vaj\u00edc\u00edch certifik\u00e1t\u016f.\u00a0<\/p>\r\n

3. Pokro\u010dil\u00e9 funkce ovl\u00e1d\u00e1n\u00ed v prohl\u00ed\u017ee\u010di Chrome a syst\u00e9mu Chrome OS\u00a0<\/strong><\/p>\r\n

Chrome Enterprise umo\u017e\u0148uje spr\u00e1vc\u016fm konfigurovat v\u00edce ne\u017e 200 z\u00e1sad zabezpe\u010den\u00ed a poskytovat zam\u011bstnanc\u016fm zabezpe\u010den\u00fd p\u0159\u00edstup k online zdroj\u016fm. Google tento m\u011bs\u00edc p\u0159idal je\u0161t\u011b v\u00edce ovl\u00e1dac\u00edch prvk\u016f, v\u010detn\u011b \u010dern\u00e9 listiny roz\u0161\u00ed\u0159en\u00ed.\u00a0<\/p>\r\n

 <\/p>\r\n

Cloud Identity<\/strong><\/h2>\r\n

4. Cloud Identity<\/strong><\/p>\r\n

Cloud Identity je nov\u00e9, samostatn\u00e9 \u0159e\u0161en\u00ed identity jako slu\u017eby (IDaaS), kter\u00e9 nab\u00edz\u00ed \u0161pi\u010dkov\u00e9 funkce, jako je zabezpe\u010den\u00ed \u00fa\u010dt\u016f, spr\u00e1va aplikac\u00ed a spr\u00e1va za\u0159\u00edzen\u00ed na jednom m\u00edst\u011b. D\u00edky cloudov\u00e9 identifikaci z\u00edskaj\u00ed zam\u011bstnanci snadn\u00fd a bezpe\u010dn\u00fd p\u0159\u00edstup ke sv\u00fdm podnikov\u00fdm aplikac\u00edm a za\u0159\u00edzen\u00edm a administr\u00e1to\u0159i z\u00edskaj\u00ed pot\u0159ebn\u00e9 n\u00e1stroje pro spr\u00e1vu tohoto stavu v jedn\u00e9 integrovan\u00e9 konzoli.\u00a0<\/p>\r\n

 <\/p>\r\n

Google Cloud Platform\u00a0<\/h2>\r\n

5. Access Transparency<\/strong><\/p>\r\n

D\u016fv\u011bra je p\u0159i v\u00fdb\u011bru poskytovatele cloudov\u00fdch slu\u017eeb prvo\u0159ad\u00e1 a Google chce b\u00fdt co nejotev\u0159en\u011bj\u0161\u00ed a nejtransparentn\u011bj\u0161\u00ed. Transparentnost p\u0159\u00edstupu v\u00e1m poskytuje p\u0159\u00edstup k protokol\u016fm v re\u00e1ln\u00e9m \u010dase, kdy\u017e administr\u00e1to\u0159i platformy Google Cloud Platform p\u0159istupuj\u00ed k va\u0161emu obsahu, a nab\u00edz\u00ed auditn\u00ed stopu akc\u00ed, kter\u00e9 provedli va\u0161i technici Google.\u00a0<\/p>\r\n

6. Cloud Armor<\/strong><\/p>\r\n

Cloud Armor je nov\u00fd obr\u00e1nce proti \u00fatok\u016fm DDoS (Distributed Denial-of-Service) a slu\u017eba ochrany aplikac\u00ed zalo\u017een\u00e1 na stejn\u00fdch technologi\u00edch a glob\u00e1ln\u00ed infrastruktu\u0159e, kterou Google pou\u017e\u00edv\u00e1 k ochran\u011b slu\u017eeb, jako je Vyhled\u00e1v\u00e1n\u00ed, Gmail a YouTube. Glob\u00e1ln\u00ed vyrovn\u00e1v\u00e1n\u00ed zat\u00ed\u017een\u00ed HTTP (S) poskytuje integrovanou ochranu proti \u00fatok\u016fm na infrastrukturu DDoS. Cloud Armor pracuje ve spojen\u00ed s HTTP(S) a umo\u017e\u0148uje konfigurovat ochranu pro va\u0161e internetov\u00e9 aplikace. Mezi jeho mo\u017enosti pat\u0159\u00ed ip blacklisting a whitelisting, \u0159\u00edzen\u00ed p\u0159\u00edstupu na z\u00e1klad\u011b um\u00edst\u011bn\u00ed, vlastn\u00ed pravidla a ochrana p\u0159ed \u00fatoky, jako je SQL Injection. N\u00ed\u017ee v\u00e1m uk\u00e1\u017eeme, jak nastavit \u010dern\u00e9 a b\u00edl\u00e9 listiny IP pomoc\u00ed Cloud Armor:\u00a0<\/p>\r\n

7. Cloud Security Command Center (alpha)<\/strong><\/p>\r\n

Nov\u00e9 Cloud Security Command Center (Cloud SCC) je platforma pro zabezpe\u010den\u00ed dat, kter\u00e1 umo\u017e\u0148uje prohl\u00ed\u017eet, analyzovat a sledovat invent\u00e1\u0159 va\u0161ich cloudov\u00fdch aktiv, kontrolovat d\u016fv\u011brn\u00e9 syst\u00e9my ukl\u00e1d\u00e1n\u00ed dat, identifikovat b\u011b\u017en\u00e9 chyby zabezpe\u010den\u00ed v s\u00edti a zobrazovat p\u0159\u00edstupov\u00e1 pr\u00e1va k va\u0161im prost\u0159edk\u016fm \u2013 to v\u0161e z jedin\u00e9ho centralizovan\u00e9ho monitorovac\u00edho panelu. Sledov\u00e1n\u00ed hrozeb a podez\u0159el\u00e9 aktivity s detekc\u00ed spole\u010dnosti Google, stejn\u011b jako bezpe\u010dnostn\u00edch partner\u016f, jako jsou Cloudflare, CrowdStrike, Dome9, Palo Alto Networks, Qualys a RedLock.\u00a0<\/p>\r\n

8. The Cloud Data Loss Prevention (DLP) API<\/strong><\/p>\r\n

Rozhran\u00ed API ochrany p\u0159ed \u00fanikem informac\u00ed umo\u017e\u0148uje zji\u0161\u0165ovat, klasifikovat a upravovat citliv\u00e1 data v re\u00e1ln\u00e9m \u010dase. A proto\u017ee se jedn\u00e1 o rozhran\u00ed API, m\u016f\u017eete ho pou\u017e\u00edt t\u00e9m\u011b\u0159 v jak\u00e9mkoli zdroji dat nebo obchodn\u00ed aplikaci, a\u0165 u\u017e ve slu\u017eb\u00e1ch GCP, jako je Cloudov\u00e9 \u00falo\u017ei\u0161t\u011b nebo BigQuery, v aplikac\u00edch t\u0159et\u00edch stran nebo v m\u00edstn\u00edm datov\u00e9m centru.\u00a0<\/p>\r\n

9. VPC Service Controls<\/strong><\/p>\r\n

Vpc Service Controls v sou\u010dasn\u00e9 dob\u011b pom\u00e1h\u00e1 podnik\u016fm udr\u017eovat citliv\u00e1 data v tajnosti p\u0159i pou\u017e\u00edv\u00e1n\u00ed pln\u011b spravovan\u00fdch \u00falo\u017ei\u0161\u0165 a zpracov\u00e1n\u00ed dat GCP. Ovl\u00e1dac\u00ed prvky slu\u017eby VPC vytv\u00e1\u0159ej\u00ed bezpe\u010dnostn\u00ed perimetr kolem dat ulo\u017een\u00fdch ve slu\u017eb\u00e1ch GCP na z\u00e1klad\u011b rozhran\u00ed API Cloud Storage, BigQuery a Bigtable. To pom\u00e1h\u00e1 sn\u00ed\u017eit rizika spojen\u00e1 s filtrov\u00e1n\u00edm dat prost\u0159ednictv\u00edm odcizen\u00fdch ID, nespr\u00e1vn\u00fdch konfigurac\u00ed z\u00e1sad IAM, \u0161kodliv\u00fdch insider\u016f a ohro\u017een\u00fdch virtu\u00e1ln\u00edch po\u010d\u00edta\u010d\u016f.\u00a0<\/p>\r\n

 <\/p>\r\n

Google Workspace (ex. G Suite)\u00a0<\/h2>\r\n

10.Nov\u00e9 anti-phishingov\u00e9 funkce\u00a0<\/strong><\/p>\r\n

Aktualizovan\u00e9 bezpe\u010dnostn\u00ed prvky lze nakonfigurovat tak, aby se automaticky aktualizovaly a povolily ochranu podle doporu\u010den\u00ed spole\u010dnosti Google. Nov\u00fd v\u00fdchoz\u00ed syst\u00e9m ochrany m\u016f\u017ee:\u00a0<\/p>\r\n

    \r\n
  • Automaticky ozna\u010dte e-mailov\u00e9 zpr\u00e1vy od ned\u016fv\u011bryhodn\u00fdch odes\u00edlatel\u016f, kte\u0159\u00ed maj\u00ed za\u0161ifrovan\u00e9 p\u0159\u00edlohy nebo vestav\u011bn\u00e9 skripty.\u00a0<\/li>\r\n
  • Upozornit, pokud se \u00fato\u010dn\u00edci pokus\u00ed nahradit e-mailovou adresu zam\u011bstnanc\u016f nebo pokud p\u00ed\u0161\u00ed z dom\u00e9ny, kter\u00e1 vypad\u00e1 jako va\u0161e vlastn\u00ed dom\u00e9na.\u00a0<\/li>\r\n<\/ul>\r\n
      \r\n
    • Nab\u00eddn\u011bte pokro\u010dilou ochranu proti phishingov\u00fdm \u00fatok\u016fm zad\u00e1n\u00edm autorizovan\u00e9ho e-mailu.\u00a0<\/li>\r\n
    • Skenujte obr\u00e1zky, abyste zjistili indik\u00e1tory phishingu, a zkr\u00e1cen\u00e9 adresy URL, abyste zjistili \u0161kodliv\u00e9 odkazy.<\/li>\r\n<\/ul>\r\n

      11. V\u00fdchoz\u00ed spr\u00e1va mobiln\u00edho telefonu<\/strong><\/p>\r\n

      Z\u00e1kladn\u00ed spr\u00e1va aplikac\u00ed se automaticky aktivuje pro mobiln\u00ed za\u0159\u00edzen\u00ed, kter\u00e1 maj\u00ed p\u0159\u00edstup k \u00fa\u010dt\u016fm Google Workspace (nap\u0159. G Suite). Zam\u011bstnanci nemus\u00ed instalovat profily na za\u0159\u00edzen\u00edch se syst\u00e9mem iOS a Android a administr\u00e1to\u0159i z\u00edskaj\u00ed dal\u0161\u00ed bezpe\u010dnostn\u00ed kontroly, v\u010detn\u011b mo\u017enosti vynutit pou\u017eit\u00ed ochrann\u00fdch k\u00f3d\u016f PIN, vymaz\u00e1n\u00ed citliv\u00fdch dat a zobrazen\u00ed, kter\u00e1 za\u0159\u00edzen\u00ed p\u0159istupuj\u00ed k podnikov\u00fdm dat\u016fm.\u00a0<\/p>\r\n

      12. Nov\u00e9 p\u0159\u00edr\u016fstky v Centru zabezpe\u010den\u00ed Google Workspace\u00a0 (nap\u0159. G Suite)\u00a0<\/strong><\/p>\r\n

      Spole\u010dnost Google p\u0159edstavila na za\u010d\u00e1tku tohoto roku nov\u00e9 centrum zabezpe\u010den\u00ed pro Google Workspace (nap\u0159. G Suite). Security Center spojuje anal\u00fdzy a efektivn\u00ed doporu\u010den\u00ed, kter\u00e1 v\u00e1m pom\u016f\u017eou chr\u00e1nit data va\u0161\u00ed organizace a osobn\u00ed u\u017eivatelsk\u00e1 data. Minul\u00fd t\u00fdden spole\u010dnost Google p\u0159edstavila nov\u00e9 p\u0159\u00edr\u016fstky, v\u010detn\u011b:\u00a0<\/p>\r\n

        \r\n
      • Nov\u00e9 grafy zabezpe\u010den\u00ed zobrazuj\u00edc\u00ed aktivitu OAuth, hrozby, jako je ohro\u017een\u00ed obchodn\u00edch e-mail\u016f (BEC), a speci\u00e1ln\u011b navr\u017een\u00e9 phishingov\u00e9 e-maily, kter\u00e9 mohou postr\u00e1dat spr\u00e1vn\u00e9 odkazy.\u00a0<\/li>\r\n
      • Nov\u00e9 grafy spr\u00e1vy mobiln\u00edch za\u0159\u00edzen\u00ed, kter\u00e9 spr\u00e1vc\u016fm IT pomohou nau\u010dit se analyzovat aktivity a zjistit, kdy byla za\u0159\u00edzen\u00ed odcizena nebo napadena hackery.\u00a0<\/li>\r\n
      • Mo\u017enost reorganizovat \u0159\u00eddic\u00ed panel tak, aby se soust\u0159edil na to, co je pro va\u0161i organizaci nejd\u016fle\u017eit\u011bj\u0161\u00ed.\u00a0<\/li>\r\n
      • Anal\u00fdza stavu zabezpe\u010den\u00ed va\u0161\u00ed organizace a z\u00edsk\u00e1n\u00ed individu\u00e1ln\u00edch rad ohledn\u011b nasazen\u00ed kl\u00ed\u010dov\u00fdch funkc\u00ed zabezpe\u010den\u00ed a ochrany p\u0159ed phishingov\u00fdmi \u00fatoky.\u00a0<\/li>\r\n<\/ul>\r\n
          \r\n
        1. N\u00e1stroje pro ochranu a spr\u00e1vu sd\u00edlen\u00fdch disk\u016f<\/strong><\/li>\r\n<\/ol>\r\n

          Nov\u00e1 vylep\u0161en\u00ed sd\u00edlen\u00fdch jednotek, kter\u00e9 poskytuj\u00ed dal\u0161\u00ed ovl\u00e1dac\u00ed prvky zabezpe\u010den\u00ed, v\u010detn\u011b mo\u017enosti omezit opr\u00e1vn\u011bn\u00ed k soubor\u016fm a p\u0159id\u00e1vat polo\u017eky, aby u\u017eivatel\u00e9 nemohli tisknout, stahovat a kop\u00edrovat soubory. Tyto nov\u00e9 funkce zabezpe\u010den\u00ed budou zavedeny v nadch\u00e1zej\u00edc\u00edch t\u00fddnech.\u00a0<\/p>\r\n

          \u00a0<\/h2>\r\n

          Partnerstv\u00ed\u00a0<\/h2>\r\n

          14\u201325. Nov\u00e1 a roz\u0161\u00ed\u0159en\u00e1 bezpe\u010dnostn\u00ed partnerstv\u00ed\u00a0<\/strong><\/p>\r\n

          Google ozn\u00e1mil 11 nov\u00fdch bezpe\u010dnostn\u00edch partnerstv\u00ed \u2013 Auth0, Check Point, Cloudflare, Dome9, Fortinet, Palo Alto Networks, Qualys, Rackspace, RedLock, StackRox a Sumo Logic.\u00a0<\/p>\r\n

            \r\n
          • Dome9,<\/strong> kter\u00fd vyvinul sadu test\u016f k ov\u011b\u0159en\u00ed shody s pr\u016fmyslov\u00fdm standardem zabezpe\u010den\u00ed dat platebn\u00edch karet (PCI DSS) v Dome9 Compliance Engine.\u00a0<\/li>\r\n
          • Rackspace Managed Security<\/strong>, kter\u00fd poskytuje firm\u00e1m dal\u0161\u00ed zabezpe\u010den\u00ed nad GCP.\u00a0<\/li>\r\n
          • Platforma RedLock Cloud 360<\/strong> je \u0159e\u0161en\u00ed ochrany p\u0159ed cloudov\u00fdmi hrozbami, kter\u00e9 poskytuje dal\u0161\u00ed kontrolu nad cloudov\u00fdmi prost\u0159ed\u00edmi Google.\u00a0<\/li>\r\n<\/ul>\r\n

            V\u011b\u0159\u00edme, \u017ee bezpe\u010dn\u011bj\u0161\u00ed podnikatelsk\u00e9 prost\u0159ed\u00ed je lep\u0161\u00ed pro ka\u017ed\u00e9ho a pro ka\u017ed\u00e9ho, a proto se sna\u017e\u00edme naj\u00edt nov\u00e9 zp\u016fsoby, jak pomoci podnik\u016fm b\u00fdt bezpe\u010dn\u011bj\u0161\u00edmi. Chcete-li z\u00edskat dal\u0161\u00ed informace, prezentaci nebo uk\u00e1zku, nechte sv\u016fj po\u017eadavek na str\u00e1nce kontakt\u016f.\u00a0<\/p>\r\n

             <\/p>","protected":false},"excerpt":{"rendered":"

            Zabezpe\u010den\u00ed dat je jednou z nejv\u011bt\u0161\u00edch v\u00fdzev na\u0161\u00ed doby a Google Cloud ji p\u0159ij\u00edm\u00e1. Google Cloud a Google Workspace (ex. G Suite) v\u017edy pracuj\u00ed na tom, aby organizac\u00edm pomohly udr\u017eet krok s rostouc\u00edmi hrozbami, chr\u00e1nit jejich citliv\u00e1 data a roz\u0161\u00ed\u0159it mo\u017enosti zabezpe\u010den\u00ed.\u00a0 Proto v posledn\u00edch n\u011bkolika t\u00fddnech spole\u010dnost Google ozn\u00e1mila vyd\u00e1n\u00ed \u0161irok\u00e9 \u0161k\u00e1ly produkt\u016f a […]<\/p>\n","protected":false},"author":18,"featured_media":505,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[3,97,98],"tags":[],"class_list":["post-504","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-blog","category-google-cloud","category-google-workspace"],"_links":{"self":[{"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/posts\/504","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/comments?post=504"}],"version-history":[{"count":1,"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/posts\/504\/revisions"}],"predecessor-version":[{"id":132332,"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/posts\/504\/revisions\/132332"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/media\/505"}],"wp:attachment":[{"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/media?parent=504"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/categories?post=504"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudfresh.com\/cs\/wp-json\/wp\/v2\/tags?post=504"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}