Is Google Cloud Platform adequately secured? Let’s check

Security is at the heart of the cloud provider market. If the services provided were vulnerable to attacks, the cloud would not exist. Let’s look at how the Google Cloud infrastructure is secured.


What is Google Cloud Platform?

Google Cloud Platform (abbreviated to GCP) is a set of over 200 cloud services and tools. Google provides server space and allows users to build their own tailor-made infrastructure in response to business needs.

GCP services consist of, among others:

  • virtual machines with almost unlimited computing power,
  • Google Cloud Platform databases,
  • services for advanced analytics in the cloud,
  • cloud storage,
  • PaaS services on Google Cloud Platform, e.g., for PHP, Python, Node.js and other programming languages,
  • tools for containerised applications, and Kubernetes cluster management platforms,
  • ready-to-use machine learning and artificial intelligence models,
  • services for security and access control.

Find out more about Google Cloud Platform on the FOTC website – a certified Google Cloud partner company.

Google Cloud Platform security. How is GCP secured?

The cloud is well-secured and hacking attacks are most often the result of human error or a security hole in the application itself. This is why service providers, in addition to strengthening security, also educate their customers – they present sets of good practices to prevent data leakage. In fact, it is up to users to decide whether their resources in the cloud are secure or not.

Google employs more than 1,000 cybersecurity and information security specialists to ensure the highest level of security for Google Cloud Platform services. The machines also have physical security – the data centres are designed and set up by specialists who take into account dangers such as fire, flooding, and lack of electricity; they take care of the right conditions, temperature or proper humidity, and a strictly limited group of employees has access to the physical servers.

Data in the cloud is encrypted at rest, in transit, and in use. Only the client has access to the encryption key – not even anyone from Google can read the data stored on GCP servers. Encryption of data in the cloud is the norm, whereas it is very rarely practised on physical servers.

Cloud providers are submitted to a number of regulations and security certifications and conduct regular audits, including SOC 1, SOC 2, SOC 3, SSAE 16, ISO/IEC 27001, ISO/IEC 27017 or ISO/IEC 27018.

Google Cloud Platform price. How are the costs calculated?

The cost of a cloud infrastructure service is charged according to the way it is configured and the level of consumption, usually charged on a per-minute or per-second basis.

For example, the cost of one of Google Cloud Platform’s most popular services, Compute Engine, a virtual machine service, will depend on, among other things:

  • the type of machine – what kind of performance, memory or vCPU (virtual CPU) you want it to have,
  • the location of the data centre – the price of the service will be different for a machine in Las Vegas, another for a machine in London, another for a machine in Tokyo,
  • the method of data transfer and network usage – depending on whether you use the public internet or the Google Cloud network,
  • the load – if the traffic is low and the application uses little computing power, the cost will be low; if the traffic increases, the service will scale up and with it the cost, in proportion to the load.