Google has added another layer of security to its Google Apps service, which may make it more appealing to businesses still uncertain about joining the move to Cloud Computing. The new step to keeping accounts secure currently applies to the Premier, Education, and Government editions of Google Apps, with the feature coming to all Google Apps users in the next few months.
It can’t be more simple, yet it’s actually quite clever. When users sign up to Google Apps, one of the details they’re asked to supply is their mobile phone number. With this new step, when you log in to your Google Apps account, a random security code, which changes each time, will be sent to your phone, either via a text or voice call. To verify yourself and actually get in to your account, you will need to type the code you are given into the site. If the code is wrong, you won’t get in. It’s the same concept as those “Authenticators” banks and online games are starting to use in abundance, but it eliminates the need for any new gadgetry, and instead uses the one gadget practically everyone these days has – their phone.
What’s more, to make the feature less annoying, Google lets users tone down the security for devices they trust. If a user is on a trusted computer — their office system, for example — they can opt to have their verification code remembered on that computer, meaning they won’t be asked for a code for 30 days, instead of having to enter a new one upon each login.
One final point, for those Tech-minded people out there who may want to take advantage of this security in their own projects: it may interest you to know that Google has built its verification feature on the open source OATH standard, meaning users can customize it for their own needs or even apply it to non-Google applications.