UPDATED 15:05 EDT / APRIL 28 2021


Google Cloud and Workspace get new batch of cybersecurity features

Google LLC today added new cybersecurity features to Google Cloud and its Workspace productivity suite, formerly G Suite, including a set of machine learning models for preventing data leaks.

The update is rolling out a few days after Google’s Cloud Spanner database received cybersecurity upgrades as well. 

The machine learning models included in today’s update are being incorporated into Cloud DLP. It’s a service from Google that companies can use to find documents containing sensitive data and limit how they may be accessed. Thanks to the machine learning enhancements, Google says, Cloud DLP is now equipped to detect more effectively a dozen common types of sensitive documents, including SEC filings, court papers, patent applications, source code files and database backups.

A second set of upgrades is rolling out to Google’s Cloud VPC service. The product enables a company to isolate applications it hosts in Google Cloud from the public web, as well as from other internal workloads. If an application is important enough to necessitate VPC isolation, but at the same time still needs the ability to interact with certain external systems, customers can now balance the two requirements with a newly added feature called VPC-SC directional policies. 

VPC-SC directional policies make it possible to secure connections between otherwise isolated VPC environments. Google sees several use cases for the feature. One is enabling companies to share business data more easily with partner organizations that also use Google Cloud. Another is allowing information to be exchanged among a company’s own internal VPC environments, such as environments belonging to different subsidiaries. 

Administrators can customize how the feature works based on each deployment’s operational requirements. For example, a company could give an important business system broad access to cloud resources running in subsidiaries’ VPC deployments, but not provide the same degree of access the other way around.

Google Cloud’s encryption features are receiving a boost as well. Cloud External Key Manager, which lets companies encrypt data using encryption keys they store on their own infrastructure, now works with Google’s Cloud SQL managed database service and the Google Kubernetes Engine. Support has also been extended to the Dataflow real-time information processing service and Secrets Manager, which is used to store sensitive application data.

The other set of security enhancements Google announced today, for Workspace, are rolling out to the productivity suite’s Vault tool. Vault enables administrators to manage business files that employees store in Workspace services such as Drive. Google has revamped the interface with new tooltips that will give administrators pointers on how to set up retention rules and holds.

Retention rules make it possible to have certain files automatically deleted after a certain time period, such as if they’re subject to consumer privacy regulations that limit how long a company can hold onto records. Holds have the opposite function. They enable administrators to block important records from being accidentally deleted. 

Image: Google

A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and soon to be Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

We are holding our second cloud startup showcase on June 16. Click here to join the free and open Startup Showcase event.


“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you. Thanks for taking the time to read this post. Looking forward to seeing you at the event and in theCUBE Club.