Infrastructure security
-
Google security overview
View a summary of security features in Google Cloud.
-
Google infrastructure security design overview
View a summary of security design features in Google infrastructure.
-
Binary Authorization for Borg: how Google verifies code provenance and implements code identity
Read about Google's code review process, its provenance, and Binary Authorization for Borg.
-
Remote attestation
Read about Google's approach to data center machine attestation.
Encryption
-
Encryption at rest in Google Cloud
Read how Google Cloud protects customer data at rest using encryption.
-
Encryption in transit in Google Cloud
Read how Google Cloud protects customer data in transit using encryption.
-
Customer-supplied encryption keys
Read how customer-supplied encryption keys work with Cloud Storage and Compute Engine.
-
Application layer transport security
Read how authentication and transport security works in Google Cloud.
-
Cloud HSM architecture
Read about the architecture of Cloud HSM.
-
Cloud Key Management Service deep dive
Read how Cloud KMS manages encryption keys.
Product-specific security whitepapers
Data and account security
-
Preventing data exfiltration
Learn how to use Google Cloud tools to help reduce the risk of data exfiltration.
-
Revoking access to Google Cloud
Learn how to revoke a person's access to Google Cloud projects.
-
Handling compromised Google Cloud credentials
Learn how to protect accounts in the event of compromised credentials.
-
Data deletion on Google Cloud
Read how Google deletes customer data.
-
Data incident response process
Read how Google manages and responds to data incidents in Google Cloud.