Google Cloud platform is designed to make it possible for organizations to manage security, not just for the Google platform, but also for other cloud-based applications, run by the companies. And to make things a bit easier, Google is bringing new enhancements to its Cloud platform to improve the ability of organizations to manage security across multicloud.
The Cloud Platform now afford businesses context-aware access at no additional charges, coupled with the virtual private cloud security controls, previously in beta, which allow organizations to define security perimeters around certain resources such as storage buckets, BigQuery datasets, and BigTable instances.
While the Google Cloud Security Command Center, which was first introduced last year, now also generally available, will help companies to defend against cyberattacks around the cloud infrastructures.
Google has also partnered with third-party vendors for additional capabilities, such as StackRox to bring detail insights and security support for Kubenetes containers, which previously customers had to have two separate management panels, Google's own, and another for StackRox tools.
Now, StackRox data will be directly available through Google's Cloud Security Command Center, and the security data can be sourced from both private or public cloud provider for Kubernetes containers, and also providers offering non-Kubernetes containers.
Albeit, there is the downside of potential attack surface which can be larger than normally the case, as StackRox can analyze traffic patterns of applications, to identity which lines of communication are used, which it can shut down, and automatically handle such configurations.
Additional security issue, is the Kubernetes native management dashboard, which opened Tesla backdoor to hackers who were able to use Kubernetes platform to create new containers to run cryptomining software.
Google is nonetheless working tirelessly to protect its own services and users on both these fronts, and will be expanding its Android-based strong authentication, a separate, secure alternative to text messages, for companies to use with their own apps.