Ride the Lightning

Google Cloud’s Defense In Depth Includes Physical Security

August 28, 2018

The New York Times featured a fascinating paid post about Google defense in depth. To fully protect customers' data, cloud platforms must have extraordinary security measures in place, spanning the virtual world and the physical. "Infrastructure security is very, very important in cloud computing," says Rob Sadowski, a member of the Google Cloud Trust and Security team. "Because if that underlying foundation is flawed, anything you store on it is going to be potentially at risk."

For more than two decades, Google has employed the comprehensive security approach called "defense in depth," which protects users and their data with multiple layers of security that build upon and reinforce one another. In the event that one layer is circumvented or compromised, many more are in place to prevent potential attackers from accomplishing their objectives.

Google has one of the world's largest data networks, with hundreds of thousands of miles of fiber optic cable optimized for performance and security — including undersea cables protected by shark-resistant armor. That cracked me up – some time back, when the U.S. government was tapping undersea cables, Google responded with end to end encryption. If we are now protected against sharks too, we're in a pretty good place.

By some estimates, Google delivers 25 percent of worldwide internet traffic on any given day. "Our private network sits apart from the public internet," Sadowski says. That means not only enhanced reliability and performance but also increased control and customized security for Google Cloud customers.

When you connect to a Google Cloud service, like Gmail or Google Drive, your data is encrypted in transit to a Google Cloud data center, where security is strict. Visitors to Google's South Carolina campus face increasing levels of security — starting out back by the center's three ponds. That's where an alligator showed up one day and never left.

Well, that's all the protection they need to keep me away!

There is a lot of physical security, including high fences surrounding the perimeter, vehicle-blocking gates, badge scanners and camera monitoring. Guards must confirm that visitors' names are on an exclusive list. Inside, security is more intense. "We use retina scans, high-resolution camera coverage, laser-based intrusion systems and more," Sadowski says.

Less than one percent of Google employees are granted access to the high-security zones in one of its data centers worldwide, where Google Cloud customer data is stored. The payoff? Row after row of secure servers, protected from the heat by an elaborate cooling system using recycled water from nearby sources.

Gotta be green, right?

Off-the-shelf security products can have security flaws that could be exploited, so Google Cloud creates some of its own hardware, such as the Titan chip. Google Cloud designed the chip because it has a very important purpose: to verify the integrity of the hardware and boot-up software in the data center's servers. These chips regularly check the servers, and if something seems awry — if any hardware or software can't be verified — that server will not start or be used until its integrity is confirmed.

The Titan chip's use in the checking process helps underpin Google Cloud's "zero trust" philosophy: "Essentially, something is considered bad," Sadowski explains, "unless it is verified to be good."

That's a new security principle to me – but I like it.

To help organizations protect their employees' identities, and to further safeguard the company's sensitive data, Google Cloud offers physical security keys. If a business chooses this extra level of protection, small cryptographic devices are required to be in employees' possession to log in to their accounts. A common attack method today is to "phish" users into giving away their account credentials. These keys make it very hard to compromise Google accounts. "Even if someone were to steal your username and password," Sadowski says, "that person wouldn't be able to log in without having this physical key present."

No security key, no access. Simple. I like that too.

Now, be mindful that this is a paid post, so there's some serious back-patting going on. But it has some independent backup.

The research company Gartner recently positioned Google Cloud as a leader in the 2018 Magic Quadrant for Public Infrastructure as a Service, highlighting the organization's security capabilities. And Forrester named Google Cloud a Leader in The Forrester Wave: Public Cloud Platform Native Security, Q2 2018. So maybe some back-patting is justified.

Hat tip to Dave Ries.

E-mail: Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson