This article originally appeared at The WHIR
Google Cloud Platform is beginning to allow developers to manage their own encryption keys, providing them more control of their data security.
Prior to the Tuesday announcement, Google encrypted all of the data stored on its cloud, but also held the encryption key that provides access to encrypted data. This meant that there was some uncertainty whether someone infiltrating Google or Google itself could access data stored on its service.
Now, the “Customer-Supplied Encryption Keys” feature allows customers to use their own encryption keys as a free beta feature, providing customers more control around their data security, as long as they are able to securely store the encryption key.
“With Customer-Supplied Encryption Keys, we are giving you control over how your data is encrypted with Google Compute Engine,” Leonard Law, product manager forGoogle Cloud Platform for Enterprise, wrote in a blog post. “Keep in mind, though, if you lose your encryption keys, we won’t be able to help you recover your keys or your data – with great power comes great responsibility!”
“Google Compute Engine gives us the performance and scale to process high-volume transactions in the financial markets,” Sungard Consulting Services CTO Neil Palmer said in a statement. “With Customer-Supplied Encryption Keys, we can independently control data encryption for our clients without incurring additional expenses from integrating third-party encryption providers. This control is critical for us to realize the price/performance benefits of the cloud in a highly regulated industry.”