For internet-based businesses and other enterprises that rely on Google Cloud, it’s important to be in the know about what security improvements Google is making:
IoT Core security updates
In 2017, Google made its IoT Core service available in beta version globally before it was released fully the following year. In February 2018, a new feature was added to the fully managed service which allows users to securely connect and control millions of IoT devices around the world. The new feature simplifies deployments by letting users publish data streams to different Cloud Pub/Sub topics from the IoT Core protocol bridge.
Among the more advanced features is the ability for users to bring unique device keys that have been signed by their CA or Certificate Authority, as well as the ability to verify the user to whom a device key belongs. Improved security will always be good news as far as industrial IoT deployments are concerned.
The IoT Cloud is not the only beneficiary of security improvements, as Google has also improved the security features of G Suite and Google Cloud Platform.
Google Cloud Platform security updates
To stop malicious parties from extracting data from the cloud, Google provided an extra layer of security for businesses for their API-based services on GCP with the VPC Service Controls tool.
Another tool launched by Google is the Cloud Security Command Centre, which allows enterprises to gain greater insight into where they store their most sensitive data and which of their apps could suffer cross-site scripting attacks. The service also includes a feature that calls attention to any changes in security settings and firewall rules to ensure they were authorised.
Among the many cloud security risks to guard against, threats such as network intrusions, policy violations and DDos attacks are some of the most common. To protect users against these threats, Google is partnering with security vendors like Qualys, Palo Alto Networks, RedLock, CrowdStrike and Cloudflare. The company’s new Cloud Armour service is both an application and DDoS defence service.
Other security updates include tools for controlling access to GCP resources, improvements to the Data Loss Prevention API and new logging tools.
G Suite security updates
Now, users can personalise the dashboard, as well as access a number of new charts available on the dashboard. Also, features such as flagging emails from suspicious originators with embedded scripts or encrypted attachments are now turned on by default.
Even more, shortened URLs will now be expanded to allow scanning for malicious links, and users will now be warned when they get emails in which the sender tries to imitate the names of employees from domains that resemble the legitimate one.
Kubernetes security updates
Google launched the open-source Kubernetes project as part of the structure needed to make it less of a challenge for large enterprises to manage and run applications in hybrid environments. The company has now brought the Google Kubernetes Engine, used to manage containers in the cloud, to enterprise data centres. The GKE Policy Management tool allows Kubernetes administrators to manage every one of their security policies across clusters using a single tool.