(San Francisco) – People remain a huge responsibility to an organization's cloud security posture, but there are always new technologies that help IT gain more control and mitigate risks.
To that end, Google made several cloud security-related announcements here on Wednesday in Google Cloud Nextfrom context-aware access to a physical security key designed to provide additional authentication to high-value users, including cloud administrators.
With context-aware access, organizations can define and enforce granular access to GCP APIs, G Suite, and other third-party SaaS applications, including the ability to determine locations by IP addresses or identify unmanaged or managed devices. One of the factors that helped Google Cloud gain recognition from Forrester is how thorough its security controls were in a recent cloud security report.
Google is rolling out context-aware access capabilities to more services, including Cloud Identity and Access Management, Cloud Identity-Aware Proxy, and Cloud Identity.
Google said that physical keys are one of the strongest ways to protect against unauthorized access and phishing. A physical security key can prevent an organization from being next timehop By providing another layer of authentication. Titan Security Key is a new FIDO security key with tamper-resistant firmware developed by Google, available immediately to Google Cloud customers. Most customers will put this in front of high-value applications or users, Google engineers said.
Increased visibility and access control is an essential way for IT administrators to secure cloud environments. Google on Tuesday announced geo-access control for Cloud Armor, which allows users to control access to services based on the geographic location of the customer trying to connect to the app. The feature is now available in beta version.
Google on Tuesday also announced the beta of Protected Virtual Machines, which helps users ensure virtual machines have not been tampered with, and allows users to monitor and react to changes. Virtual machines have a set of security controls that protect against rootkits and bootkits, and guard against threats such as remote attacks, privilege escalation, and malicious hackers.
For customers looking for help getting HIPAA compliant, Google has announced that Cloud HSM will soon launch in beta. The cloud-hosted Hardware Managed Security Module (HSM) service allows users to host cryptographic keys and protect workloads without having to manage an HSM cluster.
