Gmail Security: Advanced Security Features to Protect Your Organization (Cloud Next '19)
Welcome. Everyone and, Nicolas. Chavez and. The product manager for Gmail. Security, and my. Colleague is Nicolas as well. I'm. A hi I'm Nicolas Bosque I'm a technically. This working on a gmail, and G suite security, engineering so. Welcome to the session CP. 211, Gmail security, on advanced security features and. Thanks. To all of you for being here. I'm. Going to switch slide so, I looked, at who's came. Today and I saw a lot of you are. Responsible. For security within, your organization. So you're basically the heroes, of the organization. Because protecting, user is. One of the most important things these days, it's. A top rightly for business because. Of all, the issues that you're. All aware about like, business. Email compromised, phishing. Attack and over attacks. And over so. G. Suite protection, starts with Gmail and why why. Why Gmail why email because email, is. Actually, one. Of the most. Busiest. Vector, to reach the largest number of people so in, this presentation, we'll go through three different sections the. First one being. Advancing. Phishing, and malware protection the. Second one would be about encryptions. And what Gmail is doing to better, protect. Email. On transit, and the third one would, be around. Right. Management information right management that will provide to users so. We leave time at the end for Q&A if you if you have any question, so. Starting, with Gmail and. Fishing. Fishing. Has been around for a long time it, used to be pretty straightforward to, detect phishing attacks because, we, males we are not. Very. Difficult to identify there. Were typos, and things like that but fishing, has evolved quite a lot. Malware. Also. Something. That is distributed, primarily via email to third of malware, come from email and. Enterprise. Customer, event of enterprise. Corporate. Account of users, receive. An average four, point three times more, malware. Via, email than regular, consumers. So. Corporate. Accounts are much more targeted. Another. Category, of. Attacks. Around. Data breach it, can be either via, users. And. Internationally. Making, mistake, and leaking data or it can be also, attack. On the on the. To. To the cooperate infrastructure. In. One category of, malware. We've seen a large growth, and these numbers are, not from Google visa to big numbers from, I think the note had at the bottom right from the horizon and other studies, but, run, somewhere as a type of malware I've seen huge growth over the last few years there's been a lot of news about it and it, costs businesses. Billions. Every year to to. Address these issues so, that's really a category, of malware, where we've seen a lot of growth. So. What. Is, Google. And Gmail what. Are we doing to protect you is. Gmail. Uses, machine, learning technologies. That are developed, across. Google, and apply. That to. To. Fighting phishing. Phishing. Attack we, also have, what when, you use machine learning one, of the. Information. That we need you need to train models, is. Ground truth and because, gmail has over 1.5. Billion users we. Have a lot of ground, truth coming from users, and feedback. Loop which helps, us, improve. Our models, and. Train our models it's, also Gmail.
It Was last week gmail 15th, birthday. So Gmail has experienced, now on fighting. Spam. Phishing. And. From the beginning Gmail was one of the first service to really, focus all on spam, detection here. Are some numbers I'm. Not gonna go for each of them but. As, you can see the norm those are pretty large every, minute just as an example 10. Million spam messages, are blocked and not, from. Being delivered to, the users mailbox so it's video scale, business. At scale. And. This. Slide is about early. Detection. There. Are two ways to do, better. We are at detecting. And this is what Nikko, is gonna is going to talk about and avoiding. Delivery. In the mailbox, of of, bad emails the, last remediation. We are for businesses, so focusing. On improving detection, is, the, top. Priority, for us. I. Already. Mentioned that earlier the self learning models so. That's. Something. That Google is investing a, lot on and. We. We, are the mix of heuristic. And self learning models, all the time we are doing more and more on the. Machine learning side and we've seen really. Really big improvement in the quality of detection by using machine learning and as I mentioned, much these. Models have been developed or, the, technologies, have been developed across. Google, in. Different businesses. For. Example we use. Machine. Learning for image. Analysis, to recognize, logos, or fake logos into images this, was developed by over. Other. Teams. Within, Google and were using that in Gmail, to improve, to improve detection and. The. Last bullet the, last part rare is personalized. For you, as. An example for, spam. Not. Everyone. Is going to find, for. A given email it can be considered spam for certain user and not planned for others so, we need to have models that are, personalized. For each user because. Not, everything. Spam. Doesn't mean the same thing for everyone and not all emails are spam for users, it's, different for fishing, and really malicious, messages, which, don't, have to be to. Be personalized. But spam is video category of message, is where personalization. Is. Very important. So. What. Is fishing, now we are going to talk a little bit about fishing, fishing. Is. Basically. A. Fraudulent. Attempt. To obtain sensitive, information. By. Disguising. As, a trustworthy, entity in. The electronic communication. So today. Fishing. Is one, of, a major attack. Use. On the internet and why, fishing, versus, other type of attacks, one, of the thing is fishing. Is relatively simple, for, attackers to use, compared. To malware creating. A malware or an. Application can, be much more complex or script inside. Inside. Inside an office documents, or something like that but fishing is pretty straightforward and easy to do the. Second way is scalability, with, phishing send by email your. Attacks can be very scalable, and the, last one is return, on investment, sort, of a, result. Of a previous, to simplicity and scalability. These. Days attackers. Are often people who try to make money and they look at via Hawaii if it cost them too, much to, do an attack when. We are. Not going to spend their time on that and we are going to use another vector their exception, like the states installer tag but don't do that for money but, for the last large, majority, things like Branson Wales and over us the, people, the.
Attackers. What they want is to make money so, the, harder, or their life is and to. Do we attack. The. The. It, reduces, basically, the, the, risk of events, using that vector for for, attacking. So. Fishing. As these. Are just, screenshot. Of. Newspaper. But it, has evolved over time when. It started, fishing was, pretty, easy to detect, it was not targeted at all today. Non. Targeted. Fishing. As. Still. The majority of fishing but we see more and more and it's growing. Targeted. Fishings and the way, attackers. Do that is they, are going to for example look at the company, and do, some research about, the company or, what are the suppliers, of this company which what. Are the other companies this. Company makes business with and we, are going to do fishing by, using the name of the supplier or something like that they will do spoofing, that's, these, are much more advanced, attack that, are smaller scale so more difficult, to to, detect and that. Are much, more effective because people, are not. As. Cautious, when they see an email coming, from, someone. With a supplier, for example or but fakes to be a, supplier. So these targeted. Attacks are. Much. More difficult to to identify, but we have technologies, for that and now I'm going to have. Nicola. Provide. Some insight about, how. We, about. Phishing and what we do for fishing. All. Right so. Today. We are going to go mostly about credential. Fishing, now. As. Its most prevalent, form we, have seen the. Reason for the popularity of, these attacks, is. Basically, that phishing attack are it, makes, it really easy for, an attacker to ask, the, victim all the, relevant information for. Successful, hijacking, you. Can ask for a username password, additional. Information and some. Victim are going to answer. So. The vid sector despite being one of the easiest to pull off it looks so one of the most successful one. So. We. Studied a couple, years ago we studied like the different type of attacks that are efficient, on internet and we. Published paper how we reveal. That, or discovery with the victims. Of phishing, actually. Much more, successfully. Hijacked, afterwards, then, the victim of other major, hijacking, vector like, key loggers or, credential, leaks its. Back to the point that phishing are allowed the attacker to get all information, they need to access the target system. So. Fisher's. Try to make it there, difficult to pin down they. Try different methods, and move. Forward, so. We, know that window, of vulnerability actually. Very small like. They are reported, very, quickly and then, the attack will stop to work so. What they are doing they are trying to go very small in. A short period of time and then, they are going to switch to a different attack, before, the difference mechanism, how about you need to catch up, so. We know that the median number of phishing email in, campaign, is only 250. Emails. So. The. Half-life of a campaign is only 12 minutes. So. It's, up. The. Defense here needs, to be extremely. Fast, and reactive, to be able to handle this. So. We're. Going to go over different, phases of phishing attack as well the protection, will provide, like. Generally can categorize, the, component, that need to fail for successful, phishing attack first. The email service he. Needs to basically let the email, go through and not provide enough information to the user. To. Prevent it then the phishing website, is going to gather the credentials, and, finally. The stolen, credentials going to be used on the target website so. The first attack Gmail, is going me here to defend, you like. We have a machine system, as well as extensive. UX, to help user defend, themselves, then. The. Chrome browser is, going to provide, the additional protection, against. Phishing website, and, finally, we'll go over security kiss or defensive. So. To understand, the many opportunities the. Defense, hot here, when go over the life cycle of phishing email. So. The first element is, one. Everybody, is very. Comfortable. With its, delivery. Everybody. Is. Aware of email delivery is coming, to SMTP, at, this stage that's when you have a lot of mail filter we are going to catch, immediately. Or not the attack. So. What Google we use an, a wide array of techniques. To actually distinguish. Good emails from bad ones the techniques. Here range from repeat. Analysis. Where. We are going to just understand, the sender message, header understand. What email comes from. Then. We have content understanding where. We are actually going, good through, the content and of system are going to determine whether.
Something. Is, risky, in the content of the message and, finally. We have clustering, christening. Our array of techniques that group, similar behavior, and find, patterns of. Abuse. So. The first one of the, techniques which video, reputation, it's. Fairly. Straightforward, reputation. Technique is similar to blacklist in of bad, actors and then. We have observation. Of. Previous. Bad behaviors, as. Well as a rank ranking, on them and we. Are going to use that to identify what, is wrong like we, identify, like IP address other cluster that are known, as bad subnet. AF, number domains. URL. Prefix and this. Provides, very direct, feature to know, what something is bad we. Also have feedback Krukow user helping, us there both, to marketing, as well as well as mock that things are not bad and sometimes. When, in case of IP address we want actually to end up YT visiting them so we are not blocked forever. The. Next element is content, understanding. Statically. Understanding, the content, of message for, system, to be able to identify, something. Is, similar, to non good, or bad pattern so. We. Are using text and image similarity detection. To, enhance or different. System, and I don't write roofing in this case you can see we identified, text looking like Google or images. Look like Google, logo and we can use that to notify. Like something, is, suspicious. Down, the system that will reject, or not email. Finally. Clustering. Questioning is really, critical, nowadays and. AI. Is really enabling, a Google to efficiently protect billions of user today. Like. We use was a different. Technique and we have been like early adopter of AI. -, and we. Have multiple. Layers of, linear. Regression model as well as neural networks, and those, multiple, techniques, allowing, us to have extremely. Efficient, model to separate, good from bad traffic. So. Now that we. Are done with delivery, is not, over, one, very, important concept, here is the temporality, of emails. Like. You get delivery but you're not opening the email right away and it's additional, time you can take take advantage of to provide additional. Differences. For users so I. Think in times basically when the email is synchronized, from, storage. Into your client, this, opportunity, to first. We have a limited, and we needed most of the fishing during, delivery it's. Only a subset, now and we are going to add. Additional information in, the message to. Allow the client to display the right information to user in, particular, for element, that are suspicious we, are going to let them information flow through so we we know we. Also providing, like sank addition of the content to ensure that the content will render similarly, on multiple client so people cannot like have, selective, contact, in one grant that with the other to hide attacks. The. Next stage is message. Open at. This stage the, email is opened by the user, if. You are suspicious, element. In the message we. Are we want to provide them as crew to the user like. The machine learning system the automated detection was. Not able to provide the verdict that was bad but, who may know it something is suspicious and this, is a really, critical opportunity. To help user defend themselves so. Google. Had security. Warnings, in Gmail for extremely, long time however. As part of the gmail redesign, we worked on last year we. Work extremely closely with, user experience. Team. On. The security, aspect of warning banners the, new warning banner are extremely, bold and with, a clear call to action, so. For risky, messages, we even disabled capabilities such as links, and attachment, and this. Had a huge impact. On reducing, interaction. With malicious, emails. Time. Is of the essence here and, we. Can actually benefit. From constant, evaluation. Of, bad sides by. The attachment, and, reclassify. Contact, during, that even after the message came to you to, an inbox it, is possible, to change, or, open of it we, may have some new data they tell us this is actually dangerous and we. Can modify, the banner so we are never just delivering. Email and forgetting about it instead we are constantly monitoring, afterwards. So. User benefit, from new rules new model and date focus, on user safety. So. A, real. Example of that is something we we launched very recently which, is outbreak. Warning banners, basically. If, an employee of the organization is. Reporting, an email as phishing we're. Going to propagate quickly, that information, across, the organization, and, similar.
Emails Will be very quickly labeled as such preventing. Like. Widespread. Attack. So. After we have message open the next element and the fishing flow is actually a link clicking, that. Case that's when the attacker. Is going to redirect the, user to phishing, website to have a screenshot for instance. So. Here, will provide real-time check, which, means that we, we. Do an additional, check of. Phishing. Links, when, you click on the link it goes technically, to resurrector. Gmail. That will, analyze. Again, the later Safe Browsing definition. For, fishing, as well as my website. The. Point he has to be the most. Up-to-date possible. Another. Vector for filk attack is reply. People. Are going to ask for information and, buy an email and sometimes. People will fall for it. So. A, protection. We added here is. Differences. On. Lucre. Like name inside, the domain if, someone is pretending to be someone. In, your dog, we'll be able to let, you know that the name is. Confusing, and you need to be very careful, about it like. We had a vast, array of phishing, attack that pretended, to be the CEO could. A community the company and this is what this difference is targeted. So. In. Addition we provide a vast array of, additional. Control, for domain administrator. To. Improve, the defenses, and. Select. Multiple, techniques that, will define, the user so. Nicholai not going over malware, protection but. We offer to our users. So. For malware we also as. Well like, for phishing have a multi layer approach. So, we, do. Use, many. Heavy engines, and we run a five for all these avenging, so when, you use Gmail and and and this which you're protected, by. Many. Antivirus. Engine, so that's one thing the. Second, thing is we block. Attachment. That are not trusted, so we, block executable. In Gmail so, you can't, say negligible, by email or, we. Block. Attachments. That are encrypted, and with scripts that's an option you can disable as an admin by, default it's off but that's something, that you can, enable in. Your domain it really depends on your companies and, the third one is your de protection, so if. Malware. Already, known they will be caught by the different. Ad engine but for new malware for. The, one that are created. Today they're. Basically not listed. Yet on the, ad engine, so what we do is we do a mix. Of. Static. And dynamic analysis. So we look inside the. Address. Script inside the file and, we, evaluate. The. Level, of risk for these scripts so, this, is a technique, that proves. To be quite effective for. Detecting, zero the. The. Or them aware another. Thing that we do and that we are launching in bed. Tomorrow, so that's that's a news is. Security. Sandbox, so, for. File that, are at. Potentially. At risk we, open them in virtual machines and, we look at the.
What, They do in the operating system and based on that we decide to block the file or not we, do that for, all users, based. On the risk associated with the file and if, you use the Enterprise Edition we, do that exhaustively, for all your, files that are not already called by another a virus, antivirus. So. You. Get, basically one out percent of your file. Scan. That way if you're, using. The Enterprise Edition of this week and if the file doesn't be already caught by an, antivirus. Another. Think related to. Malware. To protecting and malware on the. The end user side is when you use Gmail when, you open a file it, opens us preview, in in, Gmail, as, a preview, the, result of that is in most cases the users don't have to download the file on, their computer and, open, the file from the computer so, by, previewing, a file in Gmail it. Eliminates, the, risk associated with that file of scrape, running, and things like that so it's completely safe to open the file in. Preview, mode in in Gmail. So. That's. For phishing, and malware. We've. Covered by section phishing, malware in Gmail the detection in Gmail now, I would like to talk about the. Detection of phishing. Website, with Chrome as we, mentioned. Earlier it's really a. Layered. Approach so, in. Chrome what. Consumers. See today, is, that when you get to a page that is known by Chrome and Safe Browsing to, be to be malicious where is a page like that but once the usual, it's. Available for consumers as well but. As a consumer, you still have the ability to go further what. We provide is, with, a policy. Admins. Can decide for, the. For. The users of their domain, to. Block users and prevent them to go further if they try to visit a page that is known to be a malicious page so, that's something that is. Managed, by fufu, group policy, and, you can also use Active Directory if that's what you prefer to use. Another. Thing. That we provide is a, password, detection.
So Here is an example the video is playing is a user tries goes, to a travel, site and try and uses his, corporate, password to log in and what happens is that, we've. Chrome from the tag that the users trying to use a copyright, password, to. Log into a site but as is a public, internet site and blog, the user from it and then, the user is forced, to change his corporate, password so, that really provide, a protection, because the, same password, being used on multiple site, is, a known source of risk, because, if your corporate password. Is. On the side that then get hijacked, the. The attacker of that site are going to have a credential of the users and they are going to be able, to, to. Log in to your to. Your copper to the corporate account of the user so. Password. Alert is a policy of, Chrome browser that, itn, mean can, can. Use. To. Protect, copyright, account and copyright account can be both Google, and on Google account. So. The. Last part is about, account. Protection so. Two-factor. Authentication is. Better. Than. Just. One factor just regular. Credential, email and password but. Something. To keep in mind that two-factor, authentication with, a passcode whether, it's a passcode, given. By an app running on your phone or an SMS that you receive is. Vulnerable. So, and. If. We look at this example imagine, the user he logs, in with credential. His credential. Email, and password and, there is a man in the middle here. The man in the middle is usually, not a real person it's, a proxy, so everything is done automatically, so, the person, here is, trying, to log into a site the. Right box here thinking, that a legitimate. Site on the right side and he. Entered his email and password, the man in German or does with fedsim and logs in and, then. The, user enters, the. Passcode. That he has to log into a site and, turns, it the man in the middle catches, it and is. Able to log into the legitimate, site so although. What. We are seeing is there are more and more open-source tool, kits available, for. An attacker to easily. Set up so. Do. This this type of attack so although it's. Better than nothing. Second, factor with passcode is vulnerable, so.
What We, use at Google and. What, more and more district customers, are, now using is. The. Securities. And the way securities, work is imagine. The lady here logs in with. Her. Email and password and, then instead. Of entering a, passcode, it's, basically, the security key, that sends a passcode, to, the site in the middle the managers site that, is supposed to set the passcode but the security he. Sees that google.com. Is, not very google.com, and is not going to send this, this. Authentication. And as a result of that the authentication, is going to fail and, the, man in the middle will not be able to access. The. Legitimate. Site so security. Keys we will. Use them at Google's and we use them we haven't had any hijacking. Successful. At, Google so it's really very effective it's. Also affordable, the, price range is between. 20. To $50, depending. On the model US dollar compared. To a price of a computer, it's not it's not a big cost and really adds a lot of security so we really, recommend that, you consider using, it. So. I can just talk, about it. And, now. I want would, like to talk a little bit about. What. Is available for administrators, basically. Our, approach, on. Security. For G, suite and. Google. Is, to. Provide, simple, tools for. You to. Configure. To, tune the security, that we provide by default, we want we, want users to be safe by default, even if you do nothing but if you want, to tune the security, it should not be it should be simple so here, is a example. Of screenshot of something called security centers where you can get analytics, and. Security. Best practice, as well as some. Security. Investigation. You, can look, at charms, drill down into the logs, and do all of that from from a simple user interface for fine men, we. Also provide. Control. To. To fine-tune. The. Security. Of phishing, and, malware. Protection some. Examples, I will not go for the list if you go to the admin console, it's, available to. All. Edition. Of G, sweetened and, and you can, look. At the breadth of the controls, but some examples. Protections. Again an encrypted, attachment. That are sent by untrusted. Senders, or, protection. Against anomalous, attachment, type of emails an example of that is you have, your. Company and your receive file. Type the, type of file one of a non-player receive a file that no, one in your company, ever received, so, it may be legitimate but, most likely there is a high likelihood that, there. Is a risk associated with it so Veon means now have the ability to say hey when file like that comes movie, to quarantine, so, we, apply. Intelligence. And we do analysis to identify for. Each domain what, are the file type that are, very, uncommon, and, it's. Possible, to add white these foreign means but we most, of the work is done for you so all you have to do is is checker box will. Also provide spoofy. Neko talked about it and, additional. Protection. Like looking, behind. Shorten. Links or. Looking. Inside images, to see their logos. Of data. Being, used. For fish fishing purpose. So. It's a lot so. As, a summary, and I won't go through each and every. Box. Here, because niccola cover, most of it but in. Summary, for gmail what do we do we, provide different layer of protection the. Gmail, Chrome, and security keys for account protection against. Hijacking, we, use a breadth of technologies. Clustering. Machine, learning models using. Thousands, of features we. Use computer, vision for images, do. Static or, dynamic analysis. Of. Attachments. And and security, sandbox that I mentioned, one. Of the differentiators G. Suite is the breadth we have 1.5. Billion users and, the report, feedback, and. We. Have a very, large number of users on Chrome as well so all of these data that, we receive, can help us help us train. Our machine learning models, to be to, be more more, effective. Another. Thing here is what Michael mentioned earlier is making, the best use of time by. Checking, at clique time for example, time. Is really critical. To for detection and. Because. More, time we have more signal we have coming from antiviruses. From users, reporting. Phishing. Messages, so by, doing things like. Checking. Our click time it, increases, the chance of catching. Malicious. Malicious, link, and, also. The Enterprise Protection that we mentioned. Earlier so now Niko is going to talk about what. Gmail is launching, soon to. Increase, safety in email in transit you know in encryption. All. Right so. Very important topic for us has been how. To protect.
Amyris Kal going, over Internet. So. Gmail. Has led. The. Very. Big scrutiny, on email. Protection, in trended. Vertically. Encryption, of SMTP it front entrance, turned it has been an afterthought, of email protocol. And, we. Invested extensively, to actually make people understand, like, where, the improvement, to be done so, in 2014. We launched a dashboard showing. People the, reality of the situation where. You had. 3/4, of the. Email go rich, in Gmail that was not encrypted, when it came from other provider. This. Actually led a big increase in encryption. In transit, then. In. 2016, we added an indicator in Gmail showing. Users when, they receive email from Thunderbird, San, clear text email and did. Not care as much about their security another. But. However, it, doesn't show the fact that the SMTP, protocol itself is. Doing. Opportunistic. Security. Radically. When you send an email when a lease right with an email to Bob. Email. Used to being totally, key attacks, then. Start. CLS was added in 1999, which, offer an opportunistic, encryption which, means if both and agree, on supporting, encryption, very long crypto trend it sounds, great. However. An attacker. I can, any point in time do. An active man in the middle attack, again the traffic, and the. Deliberate encryption. So. Attacker, can, just place themselves in the middle they, can just break, the, capability. Detection. Of the service, and the, traffic will go in protected, and attacker can actually listen to traffic. So. Over. The last three years we, have worked with in IETF turned. Our body to, build a new standard, for email, in transit and we. Had amazing, work from Google as well as over, large email providers, and Internet, community at large and we, are very excited to announce that, Gmail, is going to become the first major email. To, follow, the new MTA, STS. As well, as TLS, reporting. Standard. So. I'm very proud that my team actually design, and build, the first large-scale implementation that. Is coming to you starting, tomorrow. So. The MT STS is. Basically, offering, the, recipient. Demand ability to specify a policy, so. That the sender, that sea-bottom. GSEs, will, verify that, the smtp, connection, is properly, encrypted, as, well. As authenticated. With valid, public certificate. This. Is combined, with Telus, reporting. Which. Will make the, Thunder, domain of. Thunder. Daily report, to the recipient domain for. Emerald. Fronted, encryption. And. Issues. Will actually be reported. So. This, standard, is a first. Big step that of enforcement. Of security. In transit on internet. For. Mail so. In. Practice how does it look like in. This case and. The, SMTP. Sender is. Going to actually read the policy set up by the recipient. Domain, and. The. Thunder, will refuse, to deliver, email, without, valid, TLS and first the server certificate. In. Case we can see if only, the Thunder, is not able to communicate, on cruising on Krypton manner with the recipient, we had that policy specifying. Always encrypt it, the email would stop, additionally. The, reporting's, and I will actually send a report and the report will, contain information about, the failure. So. This. Done, this reporting, who looks like that which should dedicate JSON, file, that, explain, exactly what, era what observe and, this, is like deterrence. Against anybody who will try to do interception. Not, only intercept, our time for interception, of electrons. Traffic is going, to be prevented, it will see reported. So. What why, do you need this today um. The immediate benefit you can have today is for, yourself, to set the policy for your domain which. Means anybody using. A sander stack with supporting, MTS yes will, actually be able to send you encrypt to. Over the email encrypted. There's. No guaranteed way you. Can also contact all your partners and ask them to set up a policy and then, as you sign in using Gmail.
Stack. You will actually have your email protected. Like that in transit. So. Again, this is launching, in beta, tomorrow, so. Please check this. Fit update on and Annika. Is going to go back on how you can protect sensitive content, in email so. We. Provide, a, product. Feature, in Gmail called, confidential. Mode and, what, it does it provides basically, right management, for, email and with. Content exploration. And two-factor authentication we. Launched this feature for, consumer, with. A new gmail last year and, we've, waited to launch it to. Enterprise. And we launched in beta earlier, the, last, month actually. Because. We wanted to complete, the integration with. Vault for discovery, for enterprise wanted the product to be ready and, so, what. Is, Gmail. Confidential. Mode it basically. The. Way it works is, at the time you're sending, an email it. Strips, out the content, the body of the email and replaces, by, link and email goes over, the internet with a link and the content itself stained your mailbox, so, the recipient on that email, to, view the content. Will. Get, the content, via, HTTP. At you time so the content, will never physically, be in the recipient, mailbox. One, benefit, of that is if. You. Can, request for authentication, of a recipient, that the recipient, gets a. Passcode. By SMS, the. Value of that is if the mailbox, of a recipient for example is hijacked. The, recipient, who has hijacked the mailbox, and. SMS verification will. Not be able to get the content because at the time the SMS will be requested, it will go to the, to, the real owner of the mailbox. Another, advantage of that is the, content. Transit of HTTPS, with which is a secure. Channel and. You also have the ability to make content expire so if you want to send content to someone but the, content web person doesn't get access to content, forever, it's. Also it's, also possible so. We. Provide for these feature as I mentioned, the feature didn't a lot of the same time as consumer, because we wanted to build this integration, with volt it's. Possible. To, set up volt. Policies, of retention, and. Export. On the, recipient. Mailbox. And if, the contact is sent by someone, within our organization. So you have access to the content of of a center of mailbox as well you, are able to set this policies, basically and. If. You do not want to. For, whatever reason, to receive Gmail confidential, email you can always use the lp rules to to block this content you have full control on that. So. To, summarize, what we covered today because, we could have quite a lot. One. Of the thing is I hope. We manage to convince you that this which really has, as a top priority to, make communication. Secure. And using, email and as. Secure as possible that, lots of top right of us and what we want is what users, are saved, by default, that's. Our top priority, the, second thing is we. What. Ticket just cover the. Enhancing. Protection. As. Well on transit. And. The. Last thing is helping, user protections. If the--if content, by playing policies. Right management into email these are two free takeaways, of a presentation, today and, we have a little bit of time for for. Q&A that's a quote from one of our customer, the city of Boston that has. Seen, great resolve a using G suite and compared. To their prior, a system. For security. They've, seen a big, upgrade.