Increasing security, whether it is across Cloud or IoT devices, has been a focus in the technology industry. Now Google has unveiled new measures for secure data.
The tech giant has revealed a suite of measures, including 20 new security updates, across the Google Cloud portfolio. These aim to help businesses build a secure environment to migrate more workloads into the cloud, as well as giving them more control over the environment.
Google has said that many of the features will be on by default, with users not having to do anything to enable the new updates. Areas that have been updated include the basics such as Gmail, Calendar and Drive as well as some swanky new security updates elsewhere.
Within the Google Cloud Platform, the tech giant revealed new VPC Service Controls, which act like a firewall for API-based services to help prevent unauthorised data transfer from the cloud services as a result of data breaches.
“With this managed service, enterprises can configure private communication between cloud resources and hybrid VPC networks. By expanding perimeter security from on-premise networks to data stored in GCP services, enterprises can feel confident running sensitive data workloads in the cloud,” Gerhard Eschelbeck, Vice President of Security & Privacy at Google, said in a blog post.
The second area includes a new Cloud Security Command Centre, which will better protect applications in the cloud. Google’s new feature will benefit businesses because it easily gather data, identify threats and acts on them accordingly before they lead to damage to the business. The centre gives users a consolidated vision into their cloud assets, so that workers can quickly understand the projects they have, where data is located and how firewall rules are configured.
An important element to the security additions is Google’s ethos of being open. As the due date for GDPR looms, this is of the utmost importance to all businesses today. Therefore, Google has announced the new tool, Access Transparency. This develops an audit log of Google’s support teams access, displaying what, where, when and why admins have made changing on the projects.
“Access Transparency offers an immutable audit trail of actions taken by Google engineers and support whenever they interact with your content on GCP,” Eschelbeck said. “Access Transparency builds on our already robust controls that restrict Google administrator activity to actions only with valid business justifications, such as responding to a specific ticket our customers have initiated or recovering from an outage.”
The most common threat to businesses is the basics of not identifying an intruder or malicious note. Google has an answer to this too, applying machine learning to help identify what could be a phishing attack.
Examples such as automatically alerting users of emails from untrusted senders, or warning against spoof employee names are enhancements to the security. Additionally, Google is offering enhanced protection against spear phishing attacks by flagging unauthenticated emails as well as scanning images and expanding URLs to detect malicious links.
“Businesses’ path to cloud adoption relies heavily on trust; CEOs and CIOs need to feel comfortable that they are gaining significant benefit from the cloud without giving up control,” Doug Cahill, Senior Analyst at ESG, said. “With these announcements, Google Cloud is continuing to provide more control and insight to customers—and commendable visibility into administrative activity within their cloud environments through Access Transparency—while offering them the peace of mind that many of the fundamental aspects of security are taken care of and constantly evolving along with the threat landscape.”