Jump to content



Photo

Google Cloud Storage Launches Automatic Server-Side Encryption

google cloud

  • Please log in to reply
9 replies to this topic

#1 +techbeck

techbeck

    Neowinian Senior

  • 18,162 posts
  • Joined: 20-January 05

Posted 15 August 2013 - 17:02

Starting today, all the data developers write to unstructured storage on Google’s Cloud Platform will now be automatically encrypted on Google’s servers. Google already encrypted data that was written to its Persistent Disks and Scratch Disks on its Compute Engine, but as the company just announced, all of the data written to Google Cloud Storage will now also be encrypted using the 128-bit Advanced Encryption Standard.

 

“The per-object key itself is encrypted with a unique key associated with the object owner,” Google explains in today’s announcement, and “these keys are additionally encrypted by one of a regularly rotated set of master keys.” By default, Google will manage the keys to this data for its users, but you can also still encrypt the data yourself prior to writing it to Cloud Storage. For those who are really paranoid about their encryption, having Google manage and store their keys is probably not an option. Google, however, says that it uses “the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing.”

 

Google says the new server-side encryption is already active for all new data that is written to Cloud Storage, and older objects will be migrated and encrypted “in the coming months.”

 

It’s worth noting that AWS’s S3 cloud storage service has offered server-side encryption using the 256-bit Advanced Encryption Standard since abound 2011. For those who need to meet even stricter corporate, contractual and regulatory compliance requirements for data security, Amazon also recently introduced a dedicated (and pricey) Hardware Security Module for managing sensitive data and encryption keys in Amazon’s cloud.

 

http://techcrunch.co...ide-encryption/




#2 Torolol

Torolol

  • 2,903 posts
  • Joined: 24-November 12

Posted 15 August 2013 - 17:07

Secret Order from Secret Court: "Hand over the encryption keys bitch", and as law abiding firm, Google (and Microsoft) will comply.



#3 Xenon

Xenon

    Neowinian

  • 404 posts
  • Joined: 17-November 01

Posted 15 August 2013 - 17:09

Yea for privacy its useless.



#4 OP +techbeck

techbeck

    Neowinian Senior

  • 18,162 posts
  • Joined: 20-January 05

Posted 15 August 2013 - 17:09

Secret Order from Secret Court: "Hand over the encryption keys bitch", and as law abiding firm, Google (and Microsoft) will comply.

 

It is the law for them to comply if a court order is given.  They dont have to if they are not legally required.



#5 Growled

Growled

    Neowinian Senior

  • 41,508 posts
  • Joined: 17-December 08
  • Location: USA

Posted 15 August 2013 - 18:16

It is the law for them to comply if a court order is given.  They dont have to if they are not legally required.

I thought the new laws passed made them legally required even if the government just asks.



#6 OP +techbeck

techbeck

    Neowinian Senior

  • 18,162 posts
  • Joined: 20-January 05

Posted 15 August 2013 - 18:48

I thought the new laws passed made them legally required even if the government just asks.

 

Well, if thats the case...nothing anyone can do about it.



#7 excalpius

excalpius

    Neowinian Senior

  • 4,583 posts
  • Joined: 17-October 03

Posted 15 August 2013 - 19:02

Well, if thats the case...nothing anyone can do about it.

The Supreme Court can...and will...when it comes before them one day in the future.



#8 TrekRich

TrekRich

    Neowinian

  • 551 posts
  • Joined: 16-March 03
  • Location: England

Posted 16 August 2013 - 17:11

PIE is required.



#9 Pupik

Pupik

    Neowinian Senior

  • 6,157 posts
  • Joined: 09-December 05

Posted 16 August 2013 - 17:51

I wouldn't trust on server side encryption, especially when it's by Google nowadays. Just encrypt it yourself and then upload, as suggested by the article.



#10 TrekRich

TrekRich

    Neowinian

  • 551 posts
  • Joined: 16-March 03
  • Location: England

Posted 16 August 2013 - 20:13

Axcrypt or Truecrypt for the win.