Google Cloud gets up to speed with AWS and Azure with launch of HSM crypto tool


Google Cloud has announced the launch of a managed cloud-hosted hardware security module (HSM) service – joining Amazon Web Services and Microsoft Azure in this security benchmark.

The Cloud HSM will enable customers to host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs, according to a company blog post.

To put this in perspective, the highest level for the FIPS 140-2 standard is Level 4, which aims to “provide a complete envelope of protection around the cryptographic module with the internet of detecting and responding to all unauthorised attempts at physical access.” Level 3, instead, requires “a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module.”

Cloud HSM is tightly integrated with Google’s Cloud Key Management Service (KMS), which enables data protection in services such as BigQuery, Google Compute Engine, Google Cloud Storage and DataProc with a hardware-protected key.

The move came about, according to product manager Il-Sung Lee, because customers wanted more options to protect sensitive information and meet compliance mandates. This is despite Google claiming to be the only cloud provider that encrypts all customer data at rest.

“For those of you managing compliance requirements, Cloud HSM can help you meet regulatory mandates that require keys and crypto operations be performed within a hardware environment,” wrote Lee. “In addition to using FIPS 140-2 certified devices, Cloud HSM will allow you to verifiably attest that your cryptographic keys were created within the hardware boundary.”

Some may consider that this has been a long time coming for Google; Microsoft announced Azure Key Vault, a cloud-hosted HSM-backed service for managing cryptographic keys, as far back as the start of 2015. AWS’ CloudHSM tool is also widely documented.

Yet Google’s cloud operations have certainly been innovative elsewhere of late. Earlier this month the company announced the launch of pre-packaged AI services, around contact centres and talent acquisition, as well as supporting NVIDIA’s Tesla P4 GPUs, for graphics-intensive and machine learning applications.

Find out more about Google Cloud HSM beta here.

Your Comment:

Related Posts


latest cloud security news

2018 Cloud Security Report Released Today

Reference: Crowd Research Partners today released the 2018 Cloud Security Report which includes the following takeaways: Cloud Security Issues-The top three security control challenges security operations centers (SOCs) are struggling with are visibility into infrastructure security (43%), compliance (38%),and setting consistent security policies across cloud and on-premises environments (35%). Effective cloud security solutions – Encryption of data at rest [...]


latest cloud security news

Cloud security and small businesses – what you need to know to avoid the pitfalls

Reference: Today we work in a world that is increasingly connected, convenient and cloud-based. This comes with a world of benefits not just for enterprises, but also for small to medium sized businesses (SMBs). It’s now easier than ever to share documents in the cloud, video-conference with colleagues across the world and compile resources so that[...]