UPDATED 12:01 EDT / JANUARY 11 2017

CLOUD

Google launches a new managed encryption service for its public cloud

Companies may not have to physically maintain the infrastructure that they rent from the cloud, but they still share much of the responsibility for protecting their deployments from hacking.

To ease the task, Google is adding a new key management service to its cloud platform today that promises to facilitate more effective encryption. Dubbed KMS, the addition enables users to take charge of the cryptographic ciphers with which their data is scrambled instead of leaving them to the search giant’s automated privacy mechanisms. As result, they’ll be able to take extra precautions with personally identifiable information and other sensitive workloads that require special care.

A cloud management provider, for instance, could use KMSto assign a different set of keys to each client’s deployment. And the service also provides the ability to regularly change ciphers in order to stay ahead of hackers. Under the hood, encryption is handled generated using BoringSSL, a homegrown version of the widely used OpenSSL library that Google originally created to protect its internal infrastructure.

Lastly, KMS integrates with the access management and auditing tools in the provider’s cloud to let companies monitor how keys are used. Google bills the service as an alternative to the on-premises hardware security modules that were required until now to provide such a high level of control. Many customers in regulated industries will probably keep using their existing modules because of legal requirements, but everyday enterprises now have an attractive new option for protecting their data.

KMS should thus help Google make its cloud more competitive against Amazon Web Services and Microsoft Corp.’s Azure, which have provided similar key management capabilities for quite some time. Additionally, the launch of the service marks a big milestone in the search’s giant broader efforts to improve information security.

Google has played an instrumental part in driving the adoption of HTTPS and regularly makes contributions to the cybersecurity community. Most recently, the company open-sourced a toolkit called Project Wycheproof that can help developers test their applications’ encryption for vulnerabilities. It’s said to be capable of detecting most known exploits in cryptographic libraries.

Image courtesy of Google

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.