Google launches customer-supplied encryption keys for greater cloud security

James is editor in chief of TechForge Media, with a passion for how technologies influence business and several Mobile World Congress events under his belt. James has interviewed a variety of leading figures in his career, from former Mafia boss Michael Franzese, to Steve Wozniak, and Jean Michel Jarre. James can be found tweeting at @James_T_Bourne.


Google has launched customer-supplied encryption keys (CESK) for its Compute Engine infrastructure as a service (IaaS), which enables organisations to better protect their cloudy data.

The search giant automatically encrypts customer content stored at rest, including all Compute Engine disks, but in a blog post written by Maya Kaczorowski and Eric Bahna, product managers at Google Cloud Platform, the new release is aimed to be “secure, fast and easy” for users.

“With CESK, disks at rest are protected with your own key that cannot be accessed by anyone, inside or outside of Google, unless they present your key,” the blog notes. “Google does not retain your keys and only holds them transiently to fulfil your request, such as attaching a disk or starting a VM.”

“Customer-supplied encryption keys give us the fidelity and granular control to provide strong data protection assurances to our customers,” said Neil Palmer, CTO of advanced technology at FIS Global and a Google customer. “It’s a critical feature and Google’s approach is key to our end to end security posture.”

The IaaS space has been overwhelmingly examined in recent weeks due to various financial figures and analysis coming out. Alphabet, Google’s parent company, announced its Q2 results at the end of last month. While Google does not disclose specific revenues for its cloud arm, chief executive Sundar Pichai told analysts of the potential of combining cloud with machine learning. Google was also named on its own as a ‘visionary’ in the most recent Gartner Magic Quadrant for cloud IaaS. AWS and Microsoft, not for the first time, were on their own in the leaders’ section.

Currently, CESK is only available in Canada, Denmark, France, Germany, Japan, Taiwan, the UK and the US, with plans to expand to Australia, Italy, Mexico, Norway and Sweden later this month.  

You can find out more about CESK here.

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *