IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google Cloud doubles down on security at Next

The company has announced over 100 new security products and services during the past two years

Blue figure statue next to white background with NEXT on

Google has announced 30 security features for its Google Cloud Platform (GCP) at Google Cloud Next 2019, building on a two-year-long commitment to making its platforms more robust.

Prior to today's announcement, Google Cloud had invested heavily into its security systems, launching more than 70 products and services in 2018 and with it now adding to that tally.

The company split its announcements over three different sectors:

  • Security of the cloud: referring to the infrastructure that keeps GCP secure such as datacentres, network cables and its Titan chip
  • Security in the cloud: features that allow customers to build secure applications for their businesses in their cloud environment e.g. encryption key management
  • Security services: direct security-as-a-service solutions that Google is starting to provide

Security of the cloud

"One of the things we deeply believe in at Google is that transparency breeds trust," said Michael Aiello, product management director at Google Cloud, adding that Google wants to reduce the number of mechanisms that customers have to trust Google with.

Access Transparency has been in GCP for some time now but it's now released in beta for G-suite. This involves providing the customer with near real-time logs whenever a Google engineer authorises access to their environment to correct an issue they reported. Previously, a Google engineer, in this case, could self-authorise access to the environment but now they must get authorisation from the customer.

Security in the cloud

According to Gartner, 95% of all cloud security breaches are caused by customer misconfigurations such as firewalls with misconfigured buckets. Just last week a massive data trove was found to be left exposed because of an improperly configured AWS S3 bucket. The WWEAccenture and even the NSA have fallen victim to this type of security incident and Google has recognised that.

Google's Cloud Security Command Centre will now go to general availability (GA) after a successful beta phase. It's a single app that provides a complete overview of your organisation's cloud resources and the security threats that are presented to them.

Using machine learning, the app learns all the different access attempts over time and uses that intelligence to grant permissions and make smart recommendations on cloud configurations to increase overall security.

"It will give you a full rundown of all of your assets and from there you can apply security analytics and threat intelligence to best protect your GCP environment," said Jess Leroy, product management director at Google Cloud.

After some customer requests from the beta phase, the command centre will now feature more export options to Docs and Sheets and even a custom export option for Splunk Web. New threat intelligence integrations with third-parties such as Tenable and McAfee will also be supported in the GA release.

G-suite also gets a security makeover with advanced phishing and malware protection - something Google dedicated lots of resources to. Among other things such as new controls being made available to admins against phishing attacks such as domain spoofing, Gmail will be getting a sandbox mode.

The sandbox mode aims to tackle the threat of malware spread over email and because the only way to see what a malicious program does is to run it. As such, virtual environments will now be embedded into Gmail so you can know with certainty what an executable program does before downloading it.

Security services

Aside from security features added to GCP specifically for GCP customers, Google announced a set of services that can be used on other platforms such as AWS or Azure as well as its own cloud platform.

One of the most common ways that companies will discover threats is by scanning through all of the logs in their environments. Event Threat Detection is a service that scans logs for suspicious activity and can consolidate logs from private clouds, traditional datacentres, even from other cloud platforms into GCP.

After the logs have been consolidated, they will be scanned and fed through the command centre to find vulnerabilities and users can then remediate them and even manipulate the data through BigQuery.

Security has been quite the theme here at Next - Google also announced that Android phones can now become a user's Titan key, the only phish-resistant method of multi-factor authentication.

Featured Resources

Join the 90% of enterprises accelerating to the cloud

Business transformation through digital modernisation

Free Download

Delivering on demand: Momentum builds toward flexible IT

A modern digital workplace strategy

Free download

Modernise the workforce experience

Actionable insights and an optimised experience for both IT and end users

Free Download

The digital workplace roadmap

A leader's guide to strategy and success

Free Download

Recommended

What is SMAC?
digital transformation

What is SMAC?

30 Jun 2022
HPE upgrades GreenLake with Private Cloud Enterprise
Cloud

HPE upgrades GreenLake with Private Cloud Enterprise

28 Jun 2022
What is metaverse security?
Security

What is metaverse security?

9 Jun 2022
What is Amazon S3?
Amazon S3

What is Amazon S3?

16 May 2022

Most Popular

Raspberry Pi launches next-gen Pico W microcontroller with networking support
Hardware

Raspberry Pi launches next-gen Pico W microcontroller with networking support

1 Jul 2022
Xerox CEO John Visentin dies unexpectedly aged 59
Careers & training

Xerox CEO John Visentin dies unexpectedly aged 59

30 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022