Secret Manager security service now available for Google Cloud

Google Cloud recently unveiled a new service called Secret Manager, which is meant to provide a convenient and secure way to store API keys, passwords, certificates, and any other sensitive data that users may need to access on an ongoing basis. Basically, it serves as the central location for managing, accessing, and auditing secrets across the Google Cloud Platform.

Currently, the service is available in beta to all Google Cloud customers. Those interested in trying it out can get started using the Secret Manager Quickstarts, which shows you how to create and access secrets across your Google Cloud Platform.

Before jumping in, here’s what you should know about the features and functionality of Google Cloud’s Secret Manager.

Global names and replication

Some users want to have complete control over the regions where their secret data is stored. Others don’t have much of a preference. Secret manager uses replication policies to give customers the best of both worlds. Essentially, you can choose between automatic and user-managed replication policies. So if it’s important for you to choose a region, you have that option. If not, you can opt for global or automatic storage.

Versioning

Secret Manager automatically versions secret data to protect your secrets and give you access to specific versions of your information throughout gradual rollout, emergency rollback, and auditing processes. When you perform operations that impact your data, like access, destroy, disable, and enable, those actions take place on a secret version. Then when needed, you can pin a secret to specific versions.

Audit logging in Secret Manager

Cloud Audit Logging is a feature that allows Secret Manager to generate an audit entry for every interaction. You can use these logs to locate abnormal access patterns or integrate them with anomaly detection systems in order to detect potential security breaches.

These are just a few of the main functions of Secret Manager. The platform also offers encryption guarantees, service controls, and high-level permission settings to support organizational security even further.

Featured image: Freerange Stock

Annie Pilon

Annie Pilon is a freelance writer specializing in topics related to business, marketing, social media, and tech. She has a degree in journalism and marketing from Columbia College Chicago and currently works and lives in Michigan.

Share
Published by
Annie Pilon

Recent Posts

Best remote work collaboration tools to maintain peak productivity

Now more than ever businesses need remote work collaboration tools. Here’s our pick for the…

3 days ago

Using DHCP to configure VPN clients? Windows Server 2016 has features you need

Among the many new features included in Windows Server 2016, the improved DHCP services can…

3 days ago

Elasticsearch database, unprotected and readily available, exposes 5 billion records

An unprotected Elasticsearch database with five billion records was publicly available until recently. Most troubling:…

3 days ago

Free remote work tools for IT teams during coronavirus pandemic

Setting up remote workstations during the coronavirus crisis so employees can work from home is…

4 days ago

MonitorMinor stalkerware: Dangerous new Android malware

Stalkerware has been on the rise for a while, but MonitorMinor threatens to take this…

4 days ago

5 ways to secure your applications from open-source vulnerabilities

No single tool acts as a silver bullet to slay all open-source vulnerabilities, but using…

4 days ago