SAN FRANCISCO – Google Next 2018 – Security and convenience are opposites in computing, but Google is looking to change that with new cloud access controls, including a hardware key for end users.
Google (Nasdaq: GOOG) is also rolling out new security tools for virtualized and containerized apps, as well as G Suite, in news announced Wednesday at its annual cloud conference.
Start with end-user access controls: The Titan Security Key, available now, is a physical key that end users carry with them, providing a second authentication factor for high-value users, such as Google Cloud admins.
Additionally, Context-Aware Access defines and enforces access policies based on a user's device, location and other attributes.
Shielded virtual machines on the Google Cloud Platform, available now in beta, are hardened by security controls defending against rootkits and bootkits. For containers, binary authorization provides security controls ensure only trusted container images are deployed on Kubernetes Engine. And Container Registry Vulnerability Scanning identifies security vulnerabilities early in the deployment pipeline.
For transparency, insight and control, Google is rolling out a Cloud Hosted Security Module, which is a hardware security module for cloud applications; access transparency to show how and why customer data is accessed; and improved geo-based access controls for its Cloud Armor service to protect against denial-of-service and web attacks (See Google Straps On Cloud Armor.)
For G Suite, Google is introducing G Suite Security Center Investigation Tool to identify security issues, triage threats and take action; and G Suite Data Regions to control the geographical location of G Suite data, for compliance purposes. (See Google G Suite AI Talks With Your Colleagues So You Don't Have To and Google Brings the G Suite Heat.)
Cloud providers are scrambling to offer security as a differentiator. Amazon Web Services Inc. recently launched Secrets Manager, to protect information such as database credentials, passwords and API keys, as well as firewall and configuration services. (See Amazon Automates Cloud Security.)
IBM Corp. (NYSE: IBM) recently introduced denial-of-service protection as well as security tools for Kubernetes running on bare metal. (See IBM Launches 'Continuous' Security & Kubernetes on Bare Metal.)
And Cisco Systems Inc. (Nasdaq: CSCO) recently updated its Tetration analytics for multi-cloud security. (See Cisco Automates Security in 'Any Data Center & for Any Cloud'.)
- Google Debuts Processor Boosting AI for IoT
- Google Brings the G Suite Heat
- Google G Suite AI Talks With Your Colleagues So You Don't Have To
- Google Launches Cloud Services Platform, a Toolkit for Kubernetes & Serverless Apps
- Google Debuts On-Prem Kubernetes Server
- Google Debuts Enterprise 'Grab and Go' for Chromebook Loaners
- Google Takes Transatlantic Cable for Solo Swim
— Mitch Wagner Executive Editor, Light Reading