This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview [1] [2]
[{$pagename}] offers proven capabilities to [Google Cloud Platform] [Customers] so that they can better secure themselves.
[{$pagename}] includes several components from [BeyondCorp]'s [Zero Trust] [Architecture]:
* [Identity-Aware Proxy|https://cloud.google.com/iap/|target='_blank']
* [Cloud Identity service|https://support.google.com/a/answer/7319251?hl=en|target='_blank']
* [Security Key enforcement|https://cloud.google.com/security-key/|target='_blank']
!! [Data At Rest] in [Google Cloud Platform]
Cloud Platform services always encrypt customer content that is stored at rest, with a few minor exceptions. [Encryption] is automatic, and no customer action is required. One or more encryption mechanisms are used. For example, any new data stored in persistent disks is encrypted under the 256-bit [Advanced Encryption Standard] (AES-256), and each encryption key is itself encrypted with a regularly rotated set of master keys. The same encryption and key management policies, cryptographic libraries, and root of trust used for your data in Google Cloud Platform are used by many of Google’s production services, including Gmail and Google’s own corporate data. This encryption is at no additional charge.
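The key hierarchy described above (content encrypted under a data key, the data key itself encrypted under a rotated master key) is shown below as an added example; it is not Google's implementation or code from the referenced sources. AES-GCM as the cipher mode and the names seal, open, rewrap, kek1, kek2 and dek are assumptions made for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // setup failure: wrong key length or no entropy
	}
	return v
}
func randomBytes(n int) []byte {
	b := make([]byte, n)
	return b[:must(rand.Read(b))] // Read fills all of b or returns an error
}

// seal encrypts pt with AES-256-GCM (32-byte key) and prepends the nonce.
func seal(key, pt []byte) []byte {
	aead := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := randomBytes(aead.NonceSize())
	return aead.Seal(nonce, nonce, pt, nil)
}

// open reverses seal; it fails on a wrong key or a modified ciphertext.
func open(key, ct []byte) ([]byte, error) {
	aead := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if n := aead.NonceSize(); len(ct) >= n {
		return aead.Open(nil, ct[:n], ct[n:], nil)
	}
	return nil, fmt.Errorf("ciphertext shorter than nonce")
}

// rewrap moves a wrapped data key to a new master key; the data is not re-encrypted.
func rewrap(oldKEK, newKEK, wrapped []byte) ([]byte, error) {
	dek, err := open(oldKEK, wrapped)
	if err != nil {
		return nil, err
	}
	return seal(newKEK, dek), nil
}

func main() { // constructed keys and sample data, generated at run time
	kek1, kek2, dek := randomBytes(32), randomBytes(32), randomBytes(32)
	data, rotated := seal(dek, []byte("sample")), must(rewrap(kek1, kek2, seal(kek1, dek)))
	fmt.Printf("%s\n", must(open(must(open(kek2, rotated)), data)))
}
```

Rotating the master key only re-encrypts the small wrapped data key, so the stored content stays untouched and the retired master key no longer unwraps anything.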
!! [Data In Transit]
Because it’s linked to most ISPs in the world, Google’s global network helps to improve the security of [Data In Transit] by limiting hops across the public [Internet]. [GCP Cloud Interconnect] and [GCP Cloud VPN] allow you to create encrypted channels between your private IP environment on premises and Google’s network. This allows you to keep instances completely disconnected from the public [Internet] while still reachable from your own private infrastructure.
!! [Google Cloud Platform] [{$pagename}]
These proven capabilities from [BeyondCorp] are available to [Google Cloud Platform] Customers:
* [Identity Aware Proxy]
* [Google Key Management Service] - [Key Management] service at Global Scale
* [Google Cloud Data Loss Prevention] - [Data Classification]
* [Hardware-secured key] - For use as a [Multi-Factor Authentication] factor
* [Shared VPC]
* [Google Cloud IAM] - Scalable Centralized [ACL] System
* [Google Remote Procedure Call] ([gRPC]) - [HTTP]/2 [RPC] Framework.
!! Category
%%category [Google Cloud Platform]%%
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [GOOGLE CLOUD PLATFORM SECURITY|https://cloud.google.com/security/|target='_blank'] - based on information obtained 2017-08-15
* [#2] - [Google Infrastructure Security Design|https://youtu.be/O-JXFQezWOc|target='_blank'] - based on information obtained 2017-08-15
* [#2] - [Google Infrastructure Security Design Overview|https://cloud.google.com/security/security-design/resources/google_infrastructure_whitepaper_fa.pdf|target='_blank'] - based on information obtained 2017-08-15