Google Introduces Several New Ways to Keep Accounts Secure

Security Hero

Protecting data is something that is more important today than ever before, especially with much of today’s data being stored in the cloud. And in a recent post on the Google Cloud Platform blog, Google announced several new tools and services that can be used to protect data stored on their platform.

The following are some of the updates that Google announced in their recent blog post:

VPC Service Controls – This new feature provides a secure perimeter around data stored on the Google Cloud Platform, which can be especially useful when storing or processing sensitive information. With VPC Service Controls, users can configure the level of access that each cloud resource is allowed to have with other Google Cloud Platform resources. In addition, admins can also create context-aware access control rules, restricting access to only those users that need access.

Cloud Security Command Center – The Cloud Security Command Center (Cloud SCC) enables admins to view all of their cloud assets and resources all in one central location. From the Cloud SCC, users can also scan resources to see if they contain sensitive data or vulnerabilities that could potentially put that data at risk.

Access Transparency – Should a member of the Google Support or Engineering team ever require access to any of a user’s Google Cloud Platform services to provide customer support or to resolve an issue, Google will automatically log this access in near-real time so that admins can see who accessed their services and when. The log will also contain a reason as to why a Google employee was required to access a GCP account or services.

Cloud Armor – When managing a web application, especially one that is user-facing, there is always the risk that it will fall victim to a Distributed Denial of Service (DDoS) attack, which can slow even the most robust websites to a crawl or even temporarily disable them completely.

However, GCP’s new Cloud Armor service can be used to protect cloud applications from such attacks. All the user has to do is enable and configure Global HTTP(S) load balancing, and Cloud Armor will take care of the rest. Users can even view information regarding incoming requests via Stackdriver Logging, should they wish to gain some insight into where their traffic is coming from and what action may have been taken against traffic that was deemed malicious.

Discover and Protect Sensitive Data with the DLP API – Using Google’s Cloud Data Loss Prevention (DLP) API, users can easily discover potentially sensitive information that they are storing and can obscure it using one of the several available data-classification methods.

Cloud Identity – An upgrade to a service that Google launched last year, Cloud Identity allows admins to manage the access that various users and groups have to their organization’s Google Cloud Platform services. With the latest version of Cloud Identity, Google added several new premium features, including enterprise-level security, application management, and device management.

FedRamp Authorization – For government customers that use Google Cloud Platform services, Google has now received FedRamp authorization which means that the firm must adhere to strict security standards laid out by the U.S. Government’s Federal Risk and Authorization Management Program.

In addition to the above new security features, Google has also partnered with several companies, including RackSpace, Dome9, and RedLock, in order to provide additional security features to Google Cloud Platform customers, including PCI compliance testing and managed security among other features.

With a large number of organizations trusting not only their data, but also the data of their customers to the cloud today, it is critically important that cloud service providers take security seriously in order to prevent data breaches and other potential security issues.

And with the recent security updates to Google Cloud Platform, admins can rest a bit easier knowing that there are a variety of available security options that can easily be enabled on their accounts. Whether it be preventing DDoS attacks or obscuring sensitive data from prying eyes, Google Cloud Platform offers a variety of security features that can be enabled to help ensure the security of both organizational and customer data.