Platform controls

Google Cloud supports compliance using platform controls to create regulated boundaries on public cloud infrastructure. This topic provides more information about how platform controls work.

Platform control primitives

Platform controls are a combination of Google Cloud infrastructure data location and personnel access primitives that support compliance by enforcing and restricting access by customers or Google personnel.

Free Tier

FedRAMP Moderate

The FedRAMP Moderate platform control sets support access controls for first level support personnel who have completed enhanced background checks. This means that Assured Workloads support cases are restricted to FedRAMP adjudicated first-level support staff. Data location controls are set to support US-only regions. Additional Google Cloud FedRAMP Moderate compliance information can be found on the FedRAMP compliance card.

Premium Tier

FedRAMP High

The FedRAMP High platform control sets support access controls for first and second level support personnel who have completed enhanced background checks and are located in the US. This means that Assured Workloads support cases are restricted to FedRAMP adjudicated first and second level support staff located in the US. Data location controls are set to support US-only regions. For more information about Google Cloud FedRAMP High compliance, see FedRAMP compliance card.

Criminal Justice Information Systems (CJIS)

The CJIS platform control sets support access controls for first- and second- level support personnel who have completed state sponsored background checks and are located in the US. This means that Assured Workloads support cases are restricted to CJIS-adjudicated first- and second-level support staff located in the US. Escorted session controls are also used to supervise and monitor support actions by non-adjudicated staff. Data location controls are set to support US-only regions. Additional Google Cloud CJIS compliance information can be found on the CJIS compliance card.

US Regions and Support

The US Regions and Support platform control sets support access controls for first-level support personnel who are located in the US. This means that Assured Workloads support cases are restricted to support staff located in the US. Data location controls are set to support US-only regions.

Preview

Impact Level 4 (IL4)

The IL4 (Preview) platform control sets support access controls for first- and second-level support personnel who have completed enhanced background checks, are US citizens, and are located in the US. This means that Assured Workloads support cases are restricted to IL4-adjudicated first- and second-level support staff located in the US and holding US citizenship. Data location controls are set to support US-only regions. For more information about Google Cloud IL4 compliance, see IL4 compliance card.

HIPAA

The HIPAA platform control supports data location controls to support US-only regions.

HiTRUST

The HiTRUST platform control sets support access controls for first-level support personnel who are located in the US. This means that Assured Workloads support cases are restricted to support staff located in the US. Data location controls are set to support US-only regions.

What's next