Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud

    Google Uses Multi-Layered Controls to Protect Data in the Cloud

    By
    Jaikumar Vijayan
    -
    January 18, 2017
    Share
    Facebook
    Twitter
    Linkedin
      Google Cloud Security 2

      Data security and trust have long been major concerns for organizations considering cloud-computing options.

      In an apparent bid to allay these fears among its customers at least, Google has released a new whitepaper enumerating the complex multi-layered strategy the company uses to protect enterprise data in the cloud.

      The paper shows that Google has deployed security controls in six progressive layers starting with physical and hardware security at the bottom and operational security controls at the top of the stack.

      A lot of the technology in Google’s data centers is home built and incorporates what the company claims are multiple physical security controls.

      Access to Google’s data centers is tightly restricted and only a “very small fraction” of Google employees ever have access to the facilities housing the systems that power the company’s range of cloud computing services. Security measures for controlling facility access include biometric identification, laser-based intrusion detection systems, vehicle barriers, metal detection and webcams.

      Google’s cloud hardware level security measures include a secure boot stack for ensuring that all hardware in the company’s data centers are booting from the appropriate software stack and separate machine identity technologies for authenticating all hardware.

      A range of access management technologies, service identity, integrity and isolation tools and technologies like encryption represent Google’s effort to protect its service deployment layer.

      The company’s basic approach for securing the service layer is to make sure the hardware and software infrastructure does not assume any trust between the services running on them. “In other words, the infrastructure is fundamentally designed to be multi-tenant,” according to the Google whitepaper.

      All inter-service communication for instance is protected via cryptographic authentication and authorization. All services have their own account identity and cryptographic credentials for proving its identity.

      One step higher in Google’s security stack is user identity and access management of end user data. According to the whitepaper, Google uses a central identity service, which issues so- called end-user permission tickets for identifying and authenticating users to multiple Google services after they have successfully logged into one.

      Data encryption and data deletion are the two big controls that Google uses to protect the customer data in its massive storage systems. Google’s storage services can be configured to encrypt data before it is written into storage.

      The company, according to the whitepaper, uses a multiple step processes with verification along the way to ensure that decommissioned storage systems do not contain customer or other sensitive data. Devices that do not pass the verification steps are shredded or destroyed in other ways on premise.

      A set of controls such as those for safe software development, intrusion detection and insider risk management comprise Google’s control at the operational level.

      On the software development front, for instance, Google provides software libraries that are designed to prevent developers from making certain, previously known classes of security flaws. The company also has a flood of automated security testing tools including fuzzers for vulnerability searches in software, static software analysis tools and web security products.

      As part of Google’s efforts to batten down the hatches at the operational level, the company also invests a significant amount of money on vulnerability research and finding zero-day bugs, the whitepaper said.

      Avatar
      Jaikumar Vijayan
      Vijayan is an award-winning independent journalist and tech content creation specialist covering data security and privacy, business intelligence, big data and data analytics.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×