Google has announced that users will now be able to use bring-your-own-keys to encrypt compute resources, stating confidently that ‘security is at the core of Google’s architecture.’
Revealed in a company blog, company exec Leonard Law said: “Google Compute Engine already protects all customer data with industry-standard AES-256 bit encryption. Customer-Supplied Encryption Keys marries the hardened encryption framework built into Google’s infrastructure with encryption keys that are owned and controlled exclusively by you.
“You create and hold the keys, you determine when data is active or at rest, and absolutely no one inside or outside Google can access your at rest data without possession of your keys. Google does not retain your keys, and only holds them transiently in order to fulfill your request.”
Jacob Ginsberg, Senior Director at Echoworx, however, doubts that business’ data will be secured, although Google’s move does signal wider acknowledgment of data privacy. He said:
View original post 220 more words