Customers of the Google Cloud Platform that want extra assurance about the security and integrity of their critical business data can now get software giant SAP to act as a custodian for them.
Google and SAP announced a partnership earlier this year aimed at ensuring that SAP's wide portfolio of enterprise software technologies run optimally on the latter's cloud platforms.
As part of the effort, the two companies are working to get SAP's HANA in-memory database technology certified on the Google Cloud Platform. SAP and Google are also working to more tightly integrate the latter's G Suite productivity applications and machine-learning technologies with SAP's products.
This week's data custodian announcement is another result of that partnership between the two companies.
How the Model Works
The custodian model is designed to ensure that enterprises with specific requirements for managing sensitive data in the cloud now have a way of verifying compliance with those requirements, Google's cloud security engineering director David Cross said on Google's The Keyword blog.
The model will give enterprises a way to define the set of security controls they want for data running on Google's cloud services. They can then use SAP to keep an eye on the data and ensure that Google is handling it in the specified manner.
The immediate focus of the custodian model is on ensuring SAP has greater visibility over data access for Google cloud services. Over the next several months, Google and SAP will work together to develop and enable similar transparency over customer data handling on Google Cloud Platform.
Having SAP serve as a data custodian eliminates the need for an organization to develop in-house capabilities for monitoring the manner in which Google stores and processes their data, Cross said. SAP already has deep expertise and knowledge of Google's security capabilities, workflows and control, he said.
"With SAP as a data custodian, customers have additional confidence that their data is accessed and stored in compliance with their defined data sovereignty, privacy and protection policies," Cross wrote in the blog.
Some Storage Requirements Already Set by Government, Industries
Many businesses that currently store and process sensitive business data on Google's cloud services are covered under government and industry regulations that require adherence to a strict set of security and privacy controls. The requirements are typically part of a broader set of government, risk and compliance controls that companies have to meet, he noted.
Google's cloud services already offer multiple enterprise-grade mechanisms for protecting sensitive data in a manner compliant with regulatory requirements, Cross said.
The measures include server and software stack security, controls for data access and data disposal, multiple authentication and intrusion-prevention controls, data-encryption tools and penetration-testing services.
All of Google's data centers also offer multiple layers of physical security controls, ranging from electronic access cards and alarms to biometric authentication and laser-beam based intrusion detection systems. In addition, Google's team for overseeing cloud security currently has more than 750 security experts in a wide range of areas.