The most common question we get in discussions is: “What is safer, my on-prem environment where I maintain control, or the cloud, where I need to rely on third parties ’”? Well, in reality things just aren’t that black or white. In the cloud, you’re responsible for part of the configurations of your environment as well, while you can never rely on the expertise and competences of the hyperscale cloud providers in your own environment.
Despite this important nuance, the message from the market is clear: the cloud, especially Google Cloud has a much higher degree of security than on-prem environments.
Why is Google Cloud safer?
There are several reasons why Google Cloud excels in the security aspect of the cloud. In the first place, there’s a strong focus on architecture.Google strongly believes in the zero-trust principle, which is the idea that every network, device, person or service cannot be trusted until it has proven itself. It also relies on thorough defence, with different capabilities and multiple layers of controls to protect against the impact of configuration errors and attacks.
Another important aspect is Google’s secure by design approach, meaning that Google includes the security aspect in every new project they start.
8 Cloud megatrends that make a difference
While Google is the front-runner of cloud security, they also wrote an extensive blog on the impact of general cloud trends on security. Here’s a little summary of the 8 megatrends that permanently lift the cloud to a higher security level:
- Economies of scale of the cloud: Google has to keep their cloud safe, which is a gigantic operation. They built their own systems, networks, storage and software stacks, all equipped with default security that is from the highest level. As the scale increases, the unit cost of control goes down, which means that it becomes cheaper to put those increasing baseline controls everywhere.
- Shared fate: More and more organisations make the decision to move to the cloud. The increase of cloud migrations forces cloud providers to ensure even higher security to reduce any risk!
- Healthy competition: In our head, Google is the only go-to cloud provider in the universe, but in reality there are others on the market, of course. That’s not necessarily a bad thing, because competition requires cloud providers to bring their security game to the next level.
- Cloud as a digital immune system: Any discovered threat, vulnerability or new attack technique provides for immediate global patching. As a cloud user, you benefit directly from this universal approach.
- Software-defined infrastructure: The cloud is software-defined and thus configured dynamically without the need for customers to be involved. From a security perspective, that means specifying security policies as code and continuously monitoring their effectiveness.
- Increasing Deployment Speed: Due to the sheer scale of the cloud, providers have had to automate software deployments and updates, typically with automated continuous integration/continuous deployment (CI/CD) systems. The same automation plays its part in implementing security patches faster than ever.
- Simplicity: Today, all cloud providers aim for abstraction and automatic operations to leave the ‘the cloud is complex’-myth behind. That enables them to work on a bigger scale: it gives them the opportunity to learn from the best operation innovations from tens of thousands of customers and to assimilate them for the benefit of everyone.
- Sovereignty meets sustainability: The cloud’s global scale and ability to operate in localised and distributed ways, creates three pillars of sovereignty. By getting the conversation going with customers and policymakers on those pillars, Google creates solutions that meet their specific security requirements.
We can’t wait to see the evolution of the security capabilities within Google Cloud. We are convinced that (Google) Cloud is the way to go to fully embrace the opportunities of innovation in a secure way. Do you want to know more about the security aspect of Google Cloud? Let us know!