The enterprise is one area where Google is committing vast resources in order to gain a foothold in the lucrative market occupied by Amazon and Microsoft. Google Cloud’s latest efforts to attract customers are centered around security with 20 feature announcements today.
Google Cloud Platform
Back in 2016, Alphabet’s Jigsaw incubator expanded its Project Shield DDoS protection service to any news site. Google Cloud is now announcing Cloud Armor to provide similar protections for cloud applications. This service is built off the same technology and global infrastructure that protects Search, Gmail, and YouTube from similar attacks.
In January, G Suite added a new security center with a unified dashboard, analytics, and recommendations. Today, Google is adding a similar tool to manage the risks associated with storing data in the cloud. The Cloud Security Command Center includes the ability to “view and monitor an inventory of your cloud assets, scan storage systems for sensitive data, detect common web vulnerabilities and review access rights to your critical resources.”
This dashboard covers various Google Cloud Platform services like App Engine, Compute Engine, Cloud Storage, and Cloud Datastore. It can integrate with third-party security tools, as well as Google’s, to find cross-site-scripting, Flash injection, and other vulnerabilities.
Meanwhile, to help allay fears of Google accessing customer data, Cloud is adding an audit log of “authorized administrative accesses by Google Support and Engineering, as well as justifications for those accesses” called Access Transparency.
On the business front, Google Cloud has received U.S. certification so that federal, state, and location governments can use it services. This FedRAMP Rev. 4 Provisional Authorization to Operate rating applies to Google’s entire infrastructure, so that the company did not have to set aside an isolated data center or government-specific cloud.
For consumers, G Suite is adding advanced anti-phishing capabilities based on machine learning models that can quickly identify attacks. New default-on protections include flagging emails from untrusted senders that attach suspicious attachments, warning against email spoofing, and the ability to scan images and expand shortened URLs for malicious indicators and links.
The security center is adding new charts, health analysis, and the ability to organize the dashboard.
Meanwhile, Team Drives for large organization can better protect highly sensitive content through new controls like limiting file access privileges and Information Rights Management (IRM) to “prevent users from printing, downloading and copying files.”