Google announced a new beta capability on its Cloud Platform Blog: support for customer-supplied encryption keys – “Bring Your Own Encryption Keys to Google Cloud Platform” The feature lets users create and hold the keys, determine when data is active or “at rest,” and prevent anyone accessing their “at rest” data. Richard Blech, CEO and Co-Founder, at Secure Channels commented on the Google’s new User Encryption offering.
Richard Blech, CEO and Co-Founder, at Secure Channels :
“This is a marketing ploy by Google who is implying that using their custom encryption engine allows you, the consumer, to control your own encryption key(s) for Google’s Compute Engine. The consumer is given a false sense of security because they are bringing “their own” encryption keys to the cloud. Google’s platform is not agnostic and uses their engine to create the keys as well as protect the data. Whether this is good or not is not the question, but what is certain, is that it is not BYOE. In order to have true BYOE, the user must be able to define and control the encryption and the keys themselves, and be able to use them agnostically with all environments and applications.”[su_box title=”About Secure Channels” style=”noise” box_color=”#336588″]Secure Channels‘ robust, state-of-the-art PKMS2 encryption renders all types of data fully protected and unreadable. eliminating any potential for back door access and mining – by governmental agencies and even by Secure Channels’ own systems and personnel. It is recognized as being orders of magnitude more secure than all known commercial security industry encryption methods.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.