Google Puts G Suite Less Secure Apps Policy Changes On Hold
For the past few weeks, the world has become more reliant on the Internet, both for play and especially for work. The latter is why many software and platform developers have been adjusting their features and even their policies to account for the sudden change in work habits. Unsurprisingly, Google is making some changes to its G Suite platform, suspending its earlier move to cut off the access of what it considers "Less Secure Apps".
In Google's definition, these Less Secure Apps or LSAs use sign-in or authentication methods that don't use modern security standards. For Google, that mostly means an app that uses OAuth for that purpose, which is, not by coincidence, also what Google accounts use. Google sees these LSAs as security liabilities that could endanger the user's account and even the entire workgroup.
At the end of 2019, Google announced that it would be preventing these less secure apps from accessing G Suite accounts. It planned to pull the plug in June this year but it definitely didn't take into account the events that transpired in the next months. While quarantines may already be lifted by then, system administrators and business owners may be currently too busy to worry about such a disruptive change.
That's why Google is now announcing that it won't be pushing through with that schedule, at least not yet. It will still ban LSA access to G Suite apps in the future but that date isn't set in stone yet. The suspension of the LSA turn-off applies to all categories of apps, including Google Sync for iOS Mail, Google assures.
That said, this also presents a conundrum for Google and system administrators. It is exactly during times like these when hackers seem to be working overtime to break into less secure home Internet connections. That's why Google is still recommending G Suite users to switch to OAuth-enabled apps as soon as possible rather than wait for a future deadline to do so.