Sign in / up

back to article What's holding you back from Google Cloud? Oh, OK... it was hoping you'd say 'lack of hardware security modules'

Google Cloud Platform has armored its cloud in metal by offering customers beta access to hardware security modules (HSM) to handle encryption keys. With a cloud-hosted HSM, GCP users can execute cryptographic operations on FIPS 140-2 Level 3 certified kit, which is one level short of the most stringent standard. Google isn't …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Mark 85

    (And for what it's worth, Google claims it's the only cloud vendor that encrypts all customer data at rest.)

    Since Google hosts it, it's their software, they probably hold the keys also. Same for the other cloudy providers. If they're hosting your data on their servers, it's in their control. Maybe someday customers using these "services" will grasp these concepts.

    7 3 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      If it’s a genuine point of interest to you then it’s worth reading up.

      Provided keys are the default, because most customers aren’t equipped to handle key material and don’t have the level of concern to take it on.

      Lots of larger ones insist on managing their own, though, and that’s an option too. Obviously if the customer loses the keys then the data is useless.

      That’s true for all 3 major players. Google are playing catch-up with the HSM, but their innovation here may be on cost given that it looks to be MUCH cheaper.

      2 0 Reply
    2. Pascal Monett Silver badge
      Reply Icon

      Re: they probably hold the keys also

      Not entirely convinced about that.

      Sync is a secure file storage system that claims not only encryption, but also that the user is the only person who has the keys.

      If Sync is telling the truth, then it is at least possible that Google does not have the keys.

      0 0 Reply
    3. Aodhhan
      Reply Icon

      No doubt they have access to the keys. Which is why I always believe it's better to use a 3rd party.

      The biggest item here, is to let us know with their services, how much latency is added to each of the most common cloud configurations--when using their HSM. Also, how much it will cost to decrease the latency. This goes for incoming and outgoing traffic.

      The cloud is a great place to reduce time and cost, provided you aren't worried about performance.

      0 0 Reply
  2. DJV Silver badge

    What's holding you back from Google Cloud?

    Holding me back? Two words: Google and Cloud.

    5 1 Reply
    1. Lorribot
      Reply Icon

      Re: What's holding you back from Google Cloud?

      Lack of trust, it's Google. Will use my data for something to benefit them. Google doesn't understand the concept of privacy.

      Is that enough?

      4 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like