Identity & Security

Stay in control of your security with new product enhancements in Google Cloud

Cloud SCC.jpg

When it comes to securing your cloud infrastructure, there is no shortage of challenges. You want to retain the visibility and control you had on-premises, while taking advantage of all the benefits the cloud can provide. The adoption of cloud-based services, for example, makes it easier for your development teams to quickly build and push services into production. However, this can unintentionally create Shadow IT, where you don’t know what services are running and if they’re secure.

Today, we’re excited to announce the beta of Security Health Analytics, a security product that integrates into Cloud Security Command Center (Cloud SCC). Security Health Analytics helps you identify misconfigurations and compliance violations in your Google Cloud Platform (GCP) resources and take action. In this blog, we’ll look at how Security Health Analytics can help you stay in control of your Google Cloud security, including a real-world example from a customer, AirAsia. 

Staying in control of security in Google Cloud: AirAsia
AirAsia is the largest low-cost carrier in Asia as measured by passengers, and serves more than 150 destinations across 23 markets. Skytrax has named it the world’s best low-cost airline for 11 years running. As a company with a reputation for getting customers where they need to go without breaking the bank, AirAsia has several security practices in place to ensure that their budget goes to keeping their customers’ travel costs low, and not to recovering from security breaches. 

AirAsia’s large IT operation requires the ability to provision virtual machines (VMs) and spawn containers in Google Kubernetes Engine (GKE). The company also uses App Engine to build applications in Google Cloud. They chose Google Cloud because it offers far more flexibility, agility, and cost-effectiveness than other computing methods. 

While running these critical workloads in Google Cloud, AirAsia uses Security Health Analytics to see if their resources are configured properly and compliant with CIS benchmarks. 

“Being able to go to the new Security Health Analytics dashboard eliminates the guesswork of what we have running and if it is secure,” says Muhammad Faeez Bin Azmi, Information Security and Automation Solution Architect. “Now anyone on our team, even non-security professionals, can go to this dashboard and see a list of the misconfigured assets and compliance violations across all of our GCP resources. We can also see the severity of misconfigurations, which helps us prioritize our response.”

To see what this looks like, below is an example Security Health Analytics Vulnerabilities dashboard showing potential security issues—called findings. When you click on a finding, you get a step-by-step remediation plan for how to solve the particular issue, such as an open firewall (shown below) or overly privileged access to a storage bucket, and a link that takes you directly to the impacted resource.

Security Health Analytics Vulnerabilities dashboard.png

Faeez adds, “Security Health Analytics has really helped us reduce the amount of time we spend trying to figure out what’s wrong with our resources. It's allowed us to use our time more effectively to identify and resolve more security issues than we could before.” 

New to Security Health Analytics is its support for CIS benchmarks. Security Health Analytics is now fully certified by the Center for Internet Security (CIS) to monitor Google Cloud Platform Foundation benchmarks—recommendations for keeping your GCP resources secure and compliant. For example, the screenshot below shows how Security Health Analytics actively monitors for assets that violate CIS recommendation 5.1 (securing public storage buckets), which can help you identify and remediate storage buckets that are accessible to the public and prevent a data breach before it occurs.

GCP dashboard.png

To see step-by-step instructions for enabling Security Health Analytics, check out our video.

If you’re new to GCP and want to give these features a try, start your free GCP trial, enable Cloud SCC, and then turn on Security Health Analytics. 

If you’re an existing customer, simply enable Security Health Analytics from Security Sources in Cloud SCC. For more information on Security Health Analytics, read our documentation.