When determining the right cloud provider for your organisation, security is often one of the biggest considerations (and rightly so). In this article, we outline the key cloud security principles that make Google a serious contender for digital native organisations looking to scale fast, securely.
Forrester recently evaluated the top cloud providers for platform security and named Google Cloud a Leader in The Forrester Wave Unstructured Data Security Platforms, Q2 2021 report. The report, which you can read here, is just the tip of the iceberg when it comes to cloud security.
Read on to find out how Google Cloud’s security principles, world-scale infrastructure, and unique capability to innovate will keep your organisation secure and compliant.
Watertight cloud infrastructure by design delivers in-depth defence
Google Cloud’s trusted infrastructure doesn’t rely on any one technology to ensure security, but rather builds security through progressive layers that deliver true in-depth defence to keep the bad guys out. It develops and deploys infrastructure software using rigorous security practices such as BeyondCorp/Zero Trust to guarantee operational and device security 24/7.
Google Cloud’s entire hardware infrastructure is Google controlled and secured. This includes everything from the physical premises to the purpose-built servers, networking equipment and custom security chips to the low-level software stack on every machine.
Google data centres feature layered security with custom-designed physical security protocols. High-resolution cameras monitor the centres 24/7 and can detect and track intruders, while only a very small number of employees with specific roles can enter.
Lastly, Google Cloud meets the highest standards for performance, resilience, availability, correctness, and security. Its design, operation, and delivery practices are all integral to ensuring services are continuously available.
We help organisations ensure optimum security on Google Cloud. Sign up for our education track now to take advantage of on-demand content and virtual sessions.
End-to-end encryption by default – at rest and in transit
Google Cloud prides itself on providing end-to-end encryption, which is foundational to its wider infrastructure. This includes all communications that take place over the internet to its public cloud services.
Google encrypts data both in transit between its facilities and at rest. This means the data can only be accessed by authorised roles and services with audited access to encryption keys.
Data for storage is also split into sections, and each section is encrypted with a unique data encryption key. Data encryption keys are exclusively stored and used inside Google’s central Key Management Service (KMS) for added security.
Finally, Google uses a common cryptographic library (Tink) to implement encryption consistently across almost all Google Cloud products. As a result, only a small team of cryptographers is required to implement and maintain these stringent security controls.
Cloud compliance, data privacy and transparency
Google Cloud takes compliance seriously – so whether you work for a financial institution, public sector organisation, or anything in between, you can enjoy peace of mind wherever you are.
Google’s compliance certifications include (among others):
- ISO/IEC 27001 / 27017 / 27018 / 27701 (cloud security and data privacy)
- SOC 1 / 2 / 3 (financial compliance)
- PCI DSS (data protection)
- FedRAMP (cloud security)
- Alignment with: HIPAA / GDPR / CCPA (data privacy and security)
Click on the links to find out what these certifications cover in more detail, or learn more at Google’s compliance resource centre.
When it comes to data privacy, Google Cloud prides itself on transparency. As such, Google only processes data in accordance with its terms and data protection agreements. It also outlines its policies around responding to government requests.
In fact, Google Cloud has published its own list of cloud security principles, which you can read here:
- You own your data – not Google
- Google doesn’t sell customer data to third parties
- Google doesn’t use customer data for advertising
- All customer data is encrypted by default
- Google guards against insider access to your data
- Google never gives any government entity ‘backdoor’ access
- Google’s privacy practices are audited against international standards
To find out about Google’s cloud security principles in more detail, visit the privacy resource centre.
Why choose Appsbroker for cloud security?
At Appsbroker, we work tirelessly with some of the world’s biggest, most exciting brands to enable digital transformation on Google Cloud that’s safe, secure and sustainable.
We work across a wide range of sectors including retail, financial services, manufacturing and industry, media and entertainment. We understand that no two organisations are the same – so why should your compliance requirements be?
No matter your business challenge or industry, we’ll work with you to modernise your existing applications, data and infrastructure – or to build net new – while meeting strict compliance requirements.
When it comes to data governance, our dedicated Cloud Foundations framework ensures we adhere to strict cloud security principles – so that you can focus on what really matters.
To find out how we can help you ensure world-class security and innovation on Google Cloud, join our security community to follow our quarterly education track.