Google Cloud Security

Why Google Cloud Security

One of the most important factors companies take into consideration when moving to the cloud is security. Indeed, when you consider that cloud architecture and policy misconfigurations account for 70% of all security challenges, the longer customers put off embedding security controls, the more their business is at risk.

Google Cloud coined the concept of ‘shared fate,’ defined as the model whereby the progenitor of cloud resources has a vested interest in reducing the risk inherent provisioning cloud resources and protecting data (the responsibilities of the customer in the ‘shared responsibility’ model). 

To that end, Google Cloud offers a few solutions to address some of the major challenges inherit to cloud security:

 

Posture Management

As you deploy cloud workloads, you need centralized visibility into them. You also need to surface vulnerabilities and clear pathways to respond to them

Security Command Center Premium resolves those needs. It is a built in security tool that lets you detect, prevent, and remediate vulnerabilities and threats. You can identify misconfigured VMs, containers, networks, storage, and IAM policies as well as web application vulnerabilities 

 

Enabling Remote Access with embedded threat and data protection 

The work from home and hybrid work paradigm has put more pressure on IT teams to ensure that employees can connect to internal applications without opening up their digital estate to eternal threats and vulnerabilities. With Google’s Beyondcorp, IT teams can extend their security policies - including threat and detection mandates - to all web applications. This is particularly powerful for Workspace customers with onboarded identities.

 

Bot & Fraud Protection

84% of companies saw an increase in the number of bot attacks in 2021, and spent on average 53 days to fully resolve one. You may be familiar with reCAPTCHA, a free service that has been defending 6 million + sites for over ten years. reCAPTCHA Enterprise is built on the existing reCAPTCHA API with added features creating a comprehensive anti-fraud and bot mitigation solution. Recaptcha enterprise can be embedded in mobile and web sites (say goodbye to those friction causing check boxes) and takes into consideration continuous machine learning factors to provide the most accurate fraud readings.

 

Threat Detection & Hunting

The Colonial Pipeline and the Kaseya MSP attack underline how creative and more prevalent malicious attacks and actors have become over the last eighteen months. It is more difficult than ever to be able to uncover the clues attackers leave behind, especially when you consider that security analysts have to comb through the petabytes of data multi and hybrid cloud enviornments produce - talk about finding a needle in a haystack. Indeed, legacy security information event management (SIEM) tools are becoming more expensive and less performant in light of the petabytes of data being created. 

Enter Chronicle, a global security telemetry platform for investigation and threat hunting, built on top of core Google infrastructure. Chronicle unmatched speed and scalability to analyze massive amounts of security telemetry, and intelligently stitches events and data so security analysis can quickly uncover how attackers are trying to maim compromise.

 

Resources

1 Page Solution Briefs

Deep Dive into Google Security Offers

Security Command Center landing page

Chronicle landing page

Beyondcorp landing page

ReCaptcha landing page

 

Contact Alex Popp to learn more, ask questions, and connect on accounts.