Cybersecurity Awareness Month—New security announcements for Google Cloud
Sam Lugani
Product Lead, Confidential Computing & Confidential AI
Rob Sadowski
Trust & Security Lead, Google Cloud
Security is at the heart of any cloud journey. On the one hand, as you adopt cloud services and move workloads to the cloud, you need to make sure you’re conforming to your established security policies. On the other hand, you can take advantage of new capabilities, use new tools, and help improve your security posture. Today’s announcements include new security features, whitepapers that explore our encryption capabilities and use-case demos to help deploy products optimally. These updates will help facilitate safer cloud journeys and give admins increased visibility and control for their organizations.
New Google Cloud Security Showcase videos
The Google Cloud Security Showcase is a video resource that’s focused on solving security problems and helping you create a safer cloud deployment. With more than 50 step-by-step videos on specific security challenges or use cases, complete with actionable information to help you solve that specific issue, there’s something for every security professional. We’ve added 2 new use-case based videos this month:
How do I get started on Confidential GKE nodes?
Built on Confidential VMs, which utilize the AMD Secure Encrypted Virtualization (SEV) feature, Confidential GKE Nodes encrypt the memory of your nodes and the workloads that run on top of them with a dedicated per-Node instance key that is generated and managed by the AMD Secure Processors, which is embedded in the AMD EPYC™ processor.
How do I enable safer and more productive meetings on Google Meet?
Get a deeper look at the security controls available within Google Meet and how to use them.
SMS based MFA in Identity Platform
Multi-factor authentication (MFA) is an essential option for users of online apps and services to help keep account data safe and protect against account takeovers. To better protect your applications and user accounts, Identity Platform, Google Cloud’s customer identity and access management platform, is making MFA via SMS generally available.
Refer to the quickstart guide for more information. If your project has multiple tenants, you will need to enable MFA individually for each tenant. Select the tenant that you want to enable MFA for using the drop down menu on the left navigation panel, and follow the same process as documented in the guide.
Encryption whitepapers for Google Cloud and Google Workspace
Central to our comprehensive security strategy is encryption in transit and at rest, which ensure that data can be accessed only by authorized roles and services with audited access to the encryption keys. Our updated encryption-at-rest whitepaper describes Google Cloud's approach to encryption at rest, and how we use it to keep your information more secure.
Alongside the encryption-at-rest whitepaper, we have rolled out a new Google Workspace encryption deep-dive whitepaper that details how Google Workspace helps keep your data safe with encryption. In this paper, you’ll find information around our encryption methodology and key management processes.
We also recently released a new Cloud Key Management Service Deep Dive whitepaper to help you make informed decisions about cloud key management. Discussing Google Cloud’s Key Management Service (Cloud KMS) platform and generally available key management capabilities, this paper can help you understand the options you have to protect your keys and other sensitive information you store in Google Cloud.
With these announcements, we’re adding to our constantly growing security portfolio that aims to help you prioritize security in your move to the cloud. To learn more about Google Cloud’s security vision and understand how to implement cutting-edge security technology in your organization, tune into the latest installment of our Google Cloud Security Talks on November 18th.