Google Cloud gets up to speed with AWS and Azure with launch of HSM crypto tool
Google Cloud has announced the launch of a managed cloud-hosted hardware security module (HSM) service – joining Amazon Web Services and Microsoft Azure in this security benchmark.
The Cloud HSM will enable customers to host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs, according to a company blog post.
To put this in perspective, the highest level for the FIPS 140-2 standard is Level 4, which aims to “provide a complete envelope of protection around the cryptographic module with the internet of detecting and responding to all unauthorised attempts at physical access.” Level 3, instead, requires “a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module.”
Cloud HSM is tightly integrated with Google’s Cloud Key Management Service (KMS), which enables data protection in services such as BigQuery, Google Compute Engine, Google Cloud Storage and DataProc with a hardware-protected key.
The move came about, according to product manager Il-Sung Lee, because customers wanted more options to protect sensitive information and meet compliance mandates. This is despite Google claiming to be the only cloud provider that encrypts all customer data at rest.
“For those of you managing compliance requirements, Cloud HSM can help you meet regulatory mandates that require keys and crypto operations be performed within a hardware environment,” wrote Lee. “In addition to using FIPS 140-2 certified devices, Cloud HSM will allow you to verifiably attest that your cryptographic keys were created within the hardware boundary.”
Some may consider that this has been a long time coming for Google; Microsoft announced Azure Key Vault, a cloud-hosted HSM-backed service for managing cryptographic keys, as far back as the start of 2015. AWS’ CloudHSM tool is also widely documented.
Yet Google’s cloud operations have certainly been innovative elsewhere of late. Earlier this month the company announced the launch of pre-packaged AI services, around contact centres and talent acquisition, as well as supporting NVIDIA’s Tesla P4 GPUs, for graphics-intensive and machine learning applications.
Find out more about Google Cloud HSM beta here.#
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.
- » Google Cloud exec laments delayed enterprise focus and chasing competition in farewell post
- » Ignore multi-cloud today and risk becoming irrelevant in five years, report warns
- » Cloud security and small businesses – what you need to know to avoid the pitfalls
- » Cloudera and Hortonworks merge for $5.2 billion in consolidation of big data market
- » Google Cloud CEO Diane Greene: On becoming a ‘major enterprise player’ – with AI as the heartbeat