Google recently introduced a new set of tools aimed at improving security within the Google Cloud Platform. There are several new features and products available. Here’s an overview of the new GCP security features.
VPC Service Controls
Google’s new VPC Service Controls are meant to add an additional layer of protection for users’ data by creating a security perimeter around data stored in API-based GCP services like Google Cloud Storage, BigQuery, and Bigtable. The tool is currently in alpha, and allows enterprises to configure private communication between cloud resources and hybrid VPC networks by using tools like Cloud VPN or Cloud Dedicated Interconnect.
Cloud Security Command Center
The new Cloud Security Command Center is also currently in alpha. The tool lets users view and monitor a full inventory of their cloud assets while also delivering other important security support functions like scanning storage systems for sensitive data, detecting common web vulnerabilities, and reviewing access rights to your critical resources.
Access Transparency is a tool that provides users with an audit log of all authorized administrative accesses from Google Support and Engineering so that they can keep an eye on all the activity surrounding their data. In addition, users can view the justifications for those accesses within many of GCP’s services, with more being added throughout the year.
Cloud Armor is a Distributed Denial of Service (DDoS) and application defense service. It uses the same technologies and infrastructure that Google also uses to support its popular services including Search, Gmail, and YouTube. Basically, it allows users to create custom defenses with any specific combination of parameters, from Layer 3 to Layer 7, in order to protect against multiple attack types.
Cloud Data Loss Prevention (DLP) API is a managed service that is meant to help users discover, classify, and potentially redact sensitive information that they have stored in digital access. The offering was actually announced last year. But Google just announced that it has become generally available.
Cloud Identity is another GCP security service that was announced last year that now has a new spin. The previous version was a built-in service that helps organizations manage the users and groups that need to be able to access their GCP resources. But now, that same ability is available as a standalone product.
In addition to the new GCP security products and services, Google also announced that the company’s underlying common infrastructure has received the FedRAMP Rev. 4 Provisional Authorization to Operate at the Moderate Impact level from the FedRAMP Joint Authorization Board. This means that customers from all of the countries covered by GCP’s data center can take advantage of this new certification.
And finally, Google also announced that it has been working with several different security companies to offer additional security solutions that complement those offered by GCP. Partners for this initiative include Dome9, Rackspace, and RedLock.