Google Cloud Storage Launches Automatic Server-Side Encryption


Recommended Posts

Starting today, all the data developers write to unstructured storage on Google?s Cloud Platform will now be automatically encrypted on Google?s servers. Google already encrypted data that was written to its Persistent Disks and Scratch Disks on its Compute Engine, but as the company just announced, all of the data written to Google Cloud Storage will now also be encrypted using the 128-bit Advanced Encryption Standard.

 

?The per-object key itself is encrypted with a unique key associated with the object owner,? Google explains in today?s announcement, and ?these keys are additionally encrypted by one of a regularly rotated set of master keys.? By default, Google will manage the keys to this data for its users, but you can also still encrypt the data yourself prior to writing it to Cloud Storage. For those who are really paranoid about their encryption, having Google manage and store their keys is probably not an option. Google, however, says that it uses ?the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing.?

 

Google says the new server-side encryption is already active for all new data that is written to Cloud Storage, and older objects will be migrated and encrypted ?in the coming months.?

 

It?s worth noting that AWS?s S3 cloud storage service has offered server-side encryption using the 256-bit Advanced Encryption Standard since abound 2011. For those who need to meet even stricter corporate, contractual and regulatory compliance requirements for data security, Amazon also recently introduced a dedicated (and pricey) Hardware Security Module for managing sensitive data and encryption keys in Amazon?s cloud.

 

http://techcrunch.com/2013/08/15/google-cloud-storage-now-features-server-side-encryption/

Link to comment
Share on other sites

Secret Order from Secret Court: "Hand over the encryption keys bitch", and as law abiding firm, Google (and Microsoft) will comply.

 

It is the law for them to comply if a court order is given.  They dont have to if they are not legally required.

Link to comment
Share on other sites

It is the law for them to comply if a court order is given.  They dont have to if they are not legally required.

I thought the new laws passed made them legally required even if the government just asks.

Link to comment
Share on other sites

This topic is now closed to further replies.