View all newsletters
Receive our newsletter – data, insights and analysis delivered to you
  1. Technology
  2. Cloud
September 14, 2018

Google: It Takes Two to Tango if you Want Cloud Security

"Every data incident is unique, and the goal of the data incident response process is to protect customers’ data"

By CBR Staff Writer

Google Cloud has published new guidance on data incident response and security for its users, noting that while it employs advanced detection tools and alert mechanisms that provide early indication of potential incidents, along data encryption at rest, virtual private clouds and more, it takes two to tango in terms of security.

In the white paper Google continually emphasis the customer’s role in the security process: “While Google secures the underlying cloud infrastructure and services, the customer secures their applications, devices, and systems when building on top of Google’s Cloud infrastructure.”

The company adds: “Customers must properly configure security features to meet their own needs, install software updates, set up networking security zones and firewalls, and ensure that end users secure their account credentials and are not exposing sensitive data to unauthorized parties.”

The paper comes amid a rise in data breaches caused by security researchers finding unsecured public cloud buckets hosting confidential material.

See also: Misconfigured Cloud Storage Leaves 1.5B Sensitive Files Up for Grabs

Google define a data incident as a breach of Google’s security that leads to an unlawful or accidental loss, access, alteration or unauthorised disclosure of data controlled by Google.

The security white paper released by Google is part of the company’s efforts to be more transparent with its Google Cloud Platform users. Earlier this week it also launched a tool called the Access Transparency Logs, which allows enterprises to see when and why a Google administrator has accessed a customer’s account.

Content from our partners
Incumbent banks must transform at speed, or miss the benefits of open banking
Leverage cloud and expertise to optimise engagements from onboarding to conclusion
How enterprises can best prepare for finance digitalisation

Joseph Valente Product Manager at Google Cloud commented in a blog that: “These logs provide visibility into access at every layer of the stack—not just when access happens through public APIs or high-level endpoints.”

All this follows an incident last July when Google Cloud nearly deleted a customer account over suspicious activity.

See Also: Google Cloud: “We’re Sorry”. Introduces Raft of New Account Management Measures

In highlighting the customer’s role, Google lists the security features it has in place for its Google Cloud Platform offering, such as identity access management which allows administrative users to control who has authorisation and can interact with specific resources. Access to accounts is done through a multi-factor authentication process and data is encrypted while being transferred and at rest by default.

Google White Paper

Google White Paper

The company gives a breakdown of how a high-level data incident is treated. The process happens in four phases, Identification, coordination, resolution and then continuous improvement.

Identification of an incident occurs through the automated security process which scan for anomalies, these are then reported to the incident response team. From there they try to contain the issues and fix the underlying problem to restore affected systems.

 

Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU