Protect your educational institution using Google Cloud’s Security Command Center
Russell Goldenbroit
Security Practice Lead, SLED, Google Cloud
Academic institutions are becoming more susceptible to security breaches in the ever-expanding ecosystem of IT services. While facing challenges such as re-training staff on new skills, and expanding teams to support the increasing pace of work, many institutions are seeking tools and solutions to alleviate some burden on their IT security teams.
One of those tools is Security Command Center, which is available in Google Cloud to help protect institutions. Security Command Center is Google Cloud’s native security and risk management platform that helps educational institutions manage and improve their cloud security and risk posture. Security Command Center also helps institutions to protect against threats by providing security alerts against common risks such as crypto-mining or leaked credentials.
For example, faculty, staff and researchers commonly use Google Cloud to perform computations on data they’ve collected. A researcher can develop a new project in the institution’s Google Cloud organization, create the virtual machines they need to run their tests, and then pass the remaining tasks to the students who work in the lab. As more students and staff access these virtual machines, the institution’s security teams need to ensure their cloud environment remains secure.
For workloads created by the institution, security teams are interested in the following key aspects for keeping their environment secure:
Visibility: understand the number of projects and resources that are deployed. The researchers or graduate students working in the lab could succumb to a phishing email, putting their Google Cloud credentials at risk. With those credentials, hackers can perform unauthorized operations and spin up workloads for malicious activity, potentially causing brand damage and financial implications.
Detection: uncover threats targeting the institution’s resources. If the researchers are dealing with sensitive data like protected health information (PHI), this data could be exfiltrated and cause significant damage if security teams are not alerted.
Misconfigurations: identify security misconfigurations and compliance violations, and resolve them by following actionable recommendations. When any institution faces a breach that compromises data, the brand can become tarnished. This can cause organizations to lose funding from external sources, or to lose students who no longer trust the security of their data.
Security Command Center (SCC) Premium helps institutions remain secure and understand their compliance posture through features such as:
Cloud Asset Inventory: A product tightly integrated with Security Command Center that enables you to discover, monitor, and analyze your assets in one place. Institutions can verify what is running in their cloud environment, and IT staff are alerted if a resource is associated with any security findings.
Security Health Analytics: A service that can identify misconfigurations in an institution’s Google Cloud resources. In addition, all findings are tied to industry standards and compliance benchmarks. If any resource misconfigurations are identified or any vulnerabilities are detected, IT security staff can be alerted.
Web Security Scanner: A service that automatically detects web applications running in Google Cloud and starts scanning them for vulnerabilities. By identifying vulnerabilities, institutions can help prevent attacks.
Event Threat Detection: A service that analyzes platform logs to identify malicious activity, and can help alert an institution to a potential threat.
Container Threat Detection: A built-in service that detects the most common container runtime attacks and alerts security teams to any suspicious activity.
Virtual Machine Threat Detection: A service that provides agentless memory scanning to help detect and alert an institution to threats like crypto mining malware inside the virtual machines running in Google Cloud.
Compliance Monitoring: Identify and remediate compliance violations among your assets through easily accessible reports.
Security Command Center Premium can help give educational institutions visibility into their security posture and surface threats, misconfigurations, and vulnerabilities in their Google Cloud environment before an attack can be successful. To learn more, check out our session “Actionable security for institutions with Google Cloud tools” from the Student Success series or chat with our team.