SAN FRANCISCO – Google Next 2018 – Security and convenience are opposites in computing, but Google is looking to change that with new cloud access controls, including a hardware key for end users.

Google (Nasdaq: GOOG) is also rolling out new security tools for virtualized and containerized apps, as well as G Suite, in news announced Wednesday at its annual cloud conference.

Start with end-user access controls: The Titan Security Key, available now, is a physical key that end users carry with them, providing a second authentication factor for high-value users, such as Google Cloud admins.

Additionally, Context-Aware Access defines and enforces access policies based on a user's device, location and other attributes.

Figure 1: Photo by Google

Now entering its fifth year, the 2020 Vision Executive Summit is an exclusive meeting of global CSP executives focused on navigating the disruptive forces at work in telecom today. Join us in Lisbon on December 4-6 to meet with fellow experts as we define the future of next-gen communications and how to make it profitable.

Shielded virtual machines on the Google Cloud Platform, available now in beta, are hardened by security controls defending against rootkits and bootkits. For containers, binary authorization provides security controls ensure only trusted container images are deployed on Kubernetes Engine. And Container Registry Vulnerability Scanning identifies security vulnerabilities early in the deployment pipeline.

For transparency, insight and control, Google is rolling out a Cloud Hosted Security Module, which is a hardware security module for cloud applications; access transparency to show how and why customer data is accessed; and improved geo-based access controls for its Cloud Armor service to protect against denial-of-service and web attacks (See Google Straps On Cloud Armor.)

For G Suite, Google is introducing G Suite Security Center Investigation Tool to identify security issues, triage threats and take action; and G Suite Data Regions to control the geographical location of G Suite data, for compliance purposes. (See Google G Suite AI Talks With Your Colleagues So You Don't Have To and Google Brings the G Suite Heat.)

Cloud providers are scrambling to offer security as a differentiator. Amazon Web Services Inc. recently launched Secrets Manager, to protect information such as database credentials, passwords and API keys, as well as firewall and configuration services. (See Amazon Automates Cloud Security.)

IBM Corp. (NYSE: IBM) recently introduced denial-of-service protection as well as security tools for Kubernetes running on bare metal. (See IBM Launches 'Continuous' Security & Kubernetes on Bare Metal.)

And Cisco Systems Inc. (Nasdaq: CSCO) recently updated its Tetration analytics for multi-cloud security. (See Cisco Automates Security in 'Any Data Center & for Any Cloud'.)

Related posts:

— Mitch Wagner Executive Editor, Light Reading