14 DAY TRIAL // Google is going to help customers who want more control over the encryption of their data by offering them the chance to supply their own keys.
Following an announcement through which Google made its encryption key management service generally available, the company now introduces multiple levels of encryption offerings for the Google Cloud Platform customers.
By default, customer content is encrypted without any action required from said customer. Following this new announcement, Google offers its key management service for customers who want to get more control over how keys are rotated or deleted or when the change takes place. In short, customers can supply the keys themselves for Google Cloud Storage or Google Compute Engine.
Google's product manager Maya Kaczorowski told ZDNet that it's not a particularly difficult task, but it can be daunting if you have never dealt with cryptography before.
Multiple partners to help out
Google is now working with several services that can provide customer-supplied encryption keys: Gemalto, Thales, Virtru, Ionic and KeyNexus.
Some of these companies already have strong ties to Google. For instance, Kaczorowski mentioned Gemalto who has been supporting the client-side encryption with Google Cloud Storage for years.
Now that encryption has become a minimum requirement for the cloud, Google believes that developers are better prepared to handle providing their own encryption keys. Jeff MacMillan, KeyNexus CEO, said that back when Google started encrypting customer data, customers really weren't ready for it. Now that time has passed, however, this has changed as well.
"This is one of those differentiators of the cloud, which a lot on-premise solutions don't get. I might not choose to encrypt data in my private data center if I was a customer because I don't have the expertise, or it's too complicated... But by moving workloads to the cloud, customers get that by default... If you're going to move to the cloud, you better have it," Kaczorowski said.