Google Cloud Security offers proven capabilities to Google Cloud Platform Customers
so that they can better secure themselves.
Google Cloud Security several components from BeyondCorp's Zero Trust Architecture
Cloud Platform services always encrypt customer content that is stored at rest, with a few minor exceptions. Encryption
is automatic, and no customer action is required. One or more encryption mechanisms are used. For example, any new data stored in persistent disks is encrypted under the 256-bit Advanced Encryption Standard
(AES-256), and each encryption key is itself encrypted with a regularly rotated set of master keys. The same encryption and key management policies, cryptographic libraries, and root of trust used for your data in Google Cloud Platform are used by many of Google’s production services, including Gmail and Google’s own corporate data. This encryption is at no additional charge.
Because it’s linked to most ISPs in the world, Google’s global network helps to improve the security of Data In Transit
by limiting hops across the public Internet
. GCP Cloud Interconnect
and GCP Cloud VPN
allow you to create encrypted channels between your private IP environment on premises and Google’s network. This allows you to keep instances completely disconnected from the public Internet
while still reachable from your own private infrastructure.
These proven capabilities from BeyondCorp
are available to Google Cloud Platform
Google Cloud Platform
There might be more information for this subject on one of the following: