UPDATED 01:37 EST / AUGUST 04 2016

NEWS

Google allows cloud customers to lock down their own data

Google has made its Customer-Supplied Encryption Keys (CESK) option for Google Compute Engine generally available. Customer content will still be encrypted by Google as the default option, but customers can choose to use CESK for better control over their data’s security.

At present, Google Cloud Platform uses one or more encryption mechanisms automatically, and data at the storage level is also encrypted with AES256 or AES128, but this method isn’t totally secure as it’s theoretically possible for someone to steal the keys from within Google itself and then access customer’s data. With CESK, that’s no longer possible as Google no longer has access to the keys. The company provides more information about how CESK works in this whitepaper.

“Customer-supplied encryption keys give us the fidelity and granular control to provide strong data-protection assurances to our customers,” said Neil Palmer, CTO of Advanced Technology at FIS Global in a Google blog post. “It’s a critical feature and Google’s approach is key to our end-to-end security posture.”

Google first introduced CESK for Compute Engine in beta last year. One benefit is that it allows companies to tell their clients that encryption keys are not stored with third parties. However, the main disadvantage is that data could end up being left inaccessible if a customer loses its keys, as Google has no way of recovering them or accessing the data they protect.

Google said CESK is now available in the U.S., the U.K., Canada, France and Germany. Other countries, including Australia, Italy, Mexico, Norway and Sweden are set to be added later this month.

Google’s move brings it in line with Amazon Web Services (AWS), Box Inc., and Microsoft Azure, all of which allow customers to supply their own encryption keys. One rarely discussed benefit for cloud providers that offer this service is that it gives them a way to sidestep requests for access to data from government agencies, which is a big privacy issue in the industry that’s yet to be resolved.

Image credit: 733215 via pixabay.com

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Cookies

We employ the use of cookies. Find out more.