Google Shared Responsibility Model explains the responsibilities of Google and its customers to ensure data security when using the Google Cloud Platform (GCP). This model is critical to grasp as it outlines the responsibility of the customers and the Google Cloud Platform. This blog will briefly share the Google Shared Responsibility Model for the Google Cloud Platform and how it works.
Google’s Responsibility (Google Cloud Platform)
Google is responsible for securing cloud infrastructure, and customers are responsible for securing what they are putting in the cloud. Here, we will share a few points that help users understand Google’s responsibility to secure cloud infrastructure.
- Physical Security: Google is responsible for providing security to the physical data centers, where all the servers and hardware are located to power the Google Cloud Platform. It restricts cloud access, protects physical servers and hardware, etc.
- Network Security: Google takes care of network security, including firewalls, VPNs, and encryption to keep data secure. It ensures that the networks and connections are safe for all cloud services.
- Hypervisor Security: It also secures the hypervisors so that users can run virtual machines (VMs) on the physical servers.
- Software & Hardware Security: The security of hardware, like servers and storage devices, is also managed by Google. Moreover, it also handles updating the system to provide users with the latest features and prevent them from disrupting scenarios.
Google’s job is to secure things like servers, networks, hypervisors, and storage devices. Let us now look at the responsibilities of customers for their data in the cloud infrastructure.
Customer’s Responsibility to manage data in the Cloud Server
All the data customers will save on the cloud is their responsibility, and they must secure all stored essential data. Let us explain customers’ responsibilities more briefly.
- Cloud Data Security: Customers are responsible for securing their essential data in the cloud. Users can create backups of crucial data, protect sensitive data, and set up encryption for data security.
- Identity & Access Management: It allows customers to control who can access their resources in the cloud, avoiding unauthorized access. They can easily set up roles and permissions for those who can access the virtual machines, storage devices, and other services.
- Apps Security: It is the customer’s duty to ensure that they are installing or deploying a secure application on the cloud. For this, Google offers some practices, but at last, it all lies upon the customer to secure their data in the cloud server.
- Operating System Security: If customers are running the virtual machines on the cloud server, make sure to keep the OS up to date. This will ensure data security and check that the security settings are correctly configured.
- Monitor & Compliance: Use Google’s tools to monitor and maintain compliance. Make sure your usage of Google Cloud aligns with the necessary regulations and compliances, including GDPR, HIPAA, and others.
The Shared Responsibility Model: A Quick Understanding
This section will share a quick understanding of Shared Responsibility Model for Google and customers.
| Google Cloud Platform (GCP) | Google’s Responsibility | Customer’s Responsibility |
|---|---|---|
| Physical Security | Yes | No |
| Network Security | Secures Networking Architecture | Secures VPC, Firewalls, etc. |
| Hardware & Hypervisor | Yes | No |
| Operating Systems & Applications | No | Customers are responsible for OS, apps, and code security. |
| Data Security | Google ensures infrastructure data security. | Customers must create regular backups, encryption, etc. |
| Compliance | Google ensures to comply infrastructure with the regulations. | Customers ensure their workloads comply with the regulations |
The Closing Thoughts
This blog has shared a brief knowledge of the Google Cloud Shared Responsibility Model. Moreover, we have also learned about Google and customers’ responsibilities in terms of securing their cloud data. Customers must be ensured that they back up regularly and use encryption to secure data on the cloud. Also, manage access to prevent unauthorized persons from accessing your resources. Although Microsoft provides data security, the customer must still protect data within the cloud.