- Last week we shared updates about the Google Cybersecurity Action Team and Work Safer program launched at Day 1 of Google Cloud Next 21. If you missed it, be sure to check out episode from last week
In addition to the Google Cybersecurity Action Team and the Work Safer Program, Google had a few other security updates to share. This episode, we will deep dive into few major cloud security updates at Google Cloud Next 21. As a special treat, we have another episode line up for you tomorrow for updates from Kubecon and HashiConf Conf
If you haven’t come across BeyondCorp yet, its Zero Trust cybersecurity framework developed/ modeled by Google that shifts access control from the traditional network perimeter to individual devices and users. The goal for BeyondCorp is to enable users to securely work anytime, anywhere and on any device without having to use a virtual private network, or VPN, to access an organization’s resources.
The addition of the new feature means Google cloud customers who use BeyondCorp enterprise can now authenticate to non-web application using their identity and device, without having to install any form of agent e.g. a VPN agent. All this straight from the Google Admin page where one can define policies for what is allowed and what is prohibited on a company device.
If you are familiar with XDR – which allows for Extended Detection and Response (XDR) across endpoints, networks, cloud and workspaces. Google also announced a new collaboration with Cybereason to deliver a cloud-native XDR solution . The intent is to automate prevention for common attacks, guide analysts through security operations and incident response, and enables arguably faster threat hunting.
They are also enhancing the integration between Chronicle
(a SaaS SIEM built on core Google infrastructure that provides security analytics at the speed) and Security Command Center (SCC) on GCP to allow for centralized alerts and investigative workflows across the two platforms, and enables threat-specific pivots by enriching SCC alerts with intelligence on associated threat actors and entities.
Google is also strengthening their protection of sensitive data through Automatic DLP (data loss prevention) which is in preview and ensuring encryption of data in transit using Ubiquitous Data Encryption, External Key Management, and Cloud Storage products.
- In other news Alibaba Cloud is set to open new datacentres in Thailand and South Korea in 2022. The e-commerce giant is the number one cloud computing player in China but has focused on expanding its footprint internationally which now covers markets such as Indonesia, Singapore, Malaysia and more recently, the Philippines. Alibaba also launched a new chip called Yitian 710, to power artificial intelligence applications on Alibaba’s cloud. Cloud computing is seen as a key profit driver for Alibaba over the long term, though it accounts for around 8% of the company’s total revenue at the moment.