Google Cloud doubles down on security at Next


Connor Jones

10 Apr, 2019

Google has announced 30 security features for its Google Cloud Platform (GCP) at Google Cloud Next 2019, building on a two-year-long commitment to making its platforms more robust.

Prior to today’s announcement, Google Cloud had invested heavily in its security systems, launching more than 70 products and services in 2018. It is now adding to that tally.

The company split its announcements over three different sectors:

  • Security of the cloud: the infrastructure that keeps GCP secure, such as datacentres, network cables and its Titan chip
  • Security in the cloud: features that allow customers to build secure applications for their businesses in their cloud environment, e.g. encryption key management
  • Security services: direct security-as-a-service solutions that Google is starting to provide

Security of the cloud

“One of the things we deeply believe in at Google is that transparency breeds trust,” said Michael Aiello, product management director at Google Cloud, adding that Google wants to reduce the number of mechanisms that customers have to trust Google with.

Access Transparency has been available in GCP for some time, but it is now released in beta for G Suite. It provides the customer with near real-time logs whenever a Google engineer authorises access to their environment to correct an issue they reported. Previously, a Google engineer in this situation could self-authorise access to the environment, but now they must get authorisation from the customer.

Security in the cloud

According to Gartner, 95% of all cloud security breaches are caused by customer misconfigurations, such as misconfigured firewalls and buckets. Just last week a massive data trove was found exposed because of an improperly configured AWS S3 bucket. The WWE, Accenture and even the NSA have fallen victim to this type of security incident, and Google has recognised that.

Google’s Cloud Security Command Centre will now go to general availability (GA) after a successful beta phase. It’s a single app that provides a complete overview of your organisation’s cloud resources and the security threats facing them.

Using machine learning, the app learns all the different access attempts over time and uses that intelligence to grant permissions and make smart recommendations on cloud configurations to increase overall security.

“It will give you a full rundown of all of your assets and from there you can apply security analytics and threat intelligence to best protect your GCP environment,” said Jess Leroy, product management director at Google Cloud.

Following customer requests during the beta phase, the command centre will now feature more export options, to Docs and Sheets, and even a custom export option for Splunk Web. New threat intelligence integrations with third parties such as Tenable and McAfee will also be supported in the GA release.

G Suite also gets a security makeover with advanced phishing and malware protection – something Google dedicated lots of resources to. Alongside new admin controls against phishing attacks such as domain spoofing, Gmail will be getting a sandbox mode.

The sandbox mode aims to tackle the threat of malware spread over email. Because the only way to see what a malicious program does is to run it, virtual environments will now be embedded into Gmail so you can know with certainty what an executable program does before downloading it.

Security services

Aside from security features added to GCP specifically for GCP customers, Google announced a set of services that can be used on other platforms such as AWS or Azure as well as its own cloud platform.

One of the most common ways that companies discover threats is by scanning through all of the logs in their environments. Event Threat Detection is a service that scans logs for suspicious activity and can consolidate logs from private clouds, traditional datacentres and even other cloud platforms into GCP.

After the logs have been consolidated, they are scanned and fed through the command centre to find vulnerabilities. Users can then remediate them and even manipulate the data through BigQuery.

Security has been quite the theme here at Next – Google also announced that Android phones can now become a user’s Titan key, the only phish-resistant method of multi-factor authentication.