Web Analytics
  • Secure Channels

CEO Richard Blech Unimpressed By Google’s Efforts

Google Debuts ‘Bring Your Own Encryption’

Google has announced a new beta capability: support for customer-supplied encryption keys.

The feature lets users create and hold the keys, determine when data is active or “at rest,” and prevent anyone accessing their at-rest data within the Google Cloud Platform.

“Google Compute Engine already protects all customer data with industry-standard AES-256 bit encryption,”” explained Leonard Law, a Google researcher, in a post. “Customer-supplied encryption Keys marries the hardened encryption framework built into Google’s infrastructure with encryption keys that are owned and controlled exclusively by you….Google does not retain your keys, and only holds them transiently in order to fulfill your request.”

The feature may be especially useful for larger enterprises in certain verticals, like banking.

“Google Compute Engine gives us the performance and scale to process high-volume transactions in the financial markets,” said Neil Palmer, CTO of Sungard Consulting Services. “With customer-supplied encryption keys, we can independently control data encryption for our clients without incurring additional expenses from integrating third-party encryption providers. This control is critical for us to realize the price/performance benefits of the cloud in a highly regulated industry.”

Not everyone is impressed. Secure Channels CEO and co-founder Richard Blech said in an e-mailed comment that the feature positions itself as bring-your-own encryption (BYOE), but that it’s nothing more than a “marketing ploy by Google, who is implying that using their custom encryption engine allows you, the consumer, to control your own encryption key(s) for Google’s Compute Engine.”

He commented that Google’s platform is not agnostic and uses its own engine to create the keys as well as protect the data.

“Whether this is good or not is not the question, but what is certain, is that it is not BYOE,” he said. “In order to have true BYOE, the user must be able to define and control the encryption and the keys themselves, and be able to use them agnostically with all environments and applications.”

He added, “The consumer is given a false sense of security because they are bringing ‘their own’ encryption keys to the cloud.”

Find the original article here.

#Irvine #CyberSecurity #google #BYOE #RichardBlech #AES256 #innovation #Breach #CyberAttack #Encryption #GoogleBYOE #SecureChannels

Secure Channels BRINGS to market data encryption, cryptographic protocols, and access control/ privileged access/ user authentication technologies in the form of licensable tools, end user platforms and purpose-built solutions, SERVING software & application developers, hardware OEM and device manufacturers, and enterprise organizations, WHO place a premium on cybersecurity, risk reduction, and operational performance benefits or competitive differentiation provided, ALLOWING them to replace, augment, or introduce to new cryptography into their products or environments, PROVIDING material and measurable cybersecurity protections, risk reduction and data breach mitigation.

Secure Channels Inc. 

2102 Business Center Drive, Suite 130  |  Irvine, CA 92612  |  T: (949) 208-7525  |  E: contact@securechannels.com

Follow us!

  • Facebook
  • LinkedIn
  • Twitter

Copyright © 2020 Secure Channels Inc. All rights reserved