Cloud Security Journey: from Ridiculous to Mainstream to Ridiculous
Cite this article
Earlier this morning, Google Cloud Platform (GCP) became the first major cloud provider to give customers full control over their data security, even when using native cloud services like BigQuery. At Next’19 in London, Google announced the launch of its External Key Management Service (EKMS), built in collaboration with Fortanix and PayPal.
How Cloud Security Journey Looks So Far
We need to zoom out a bit to see why it is so significant and why this announcement became the center of the keynotes and demos. Regulations like CCPA and GDPR are becoming increasingly localized, while businesses continue to expand globally. At the same time, the cost of non-compliance is rising fast.
Businesses rely on a growing set of clouds, services, and users. Almost everyone is “multicloud” (counting on-premises and one public cloud presence). This mix brings agility but also makes managing cloud data security more complex. How do businesses, then, control their #DataDestiny?
This is why GCP’s external key management service (EKMS) is groundbreaking.
With this new service, businesses can store and manage their encryption keys outside the cloud, either on-premises using Fortanix DSM or via a third-party data security service like Equinix SmartKey. Organizations can still use the same keys and policies across all their cloud apps and workloads.
This means: your data, your rules. You decide who accesses your data, how it's logged, how it's protected, and how long it stays. EKMS gives you visibility and control over your cloud data security solutions, regardless of which cloud service or infrastructure you use.
There’s still more to this story—some of it under wraps for now. If you're curious, get in touch with us or reach out to your GCP representative for details.
Implementing EKMS wasn't easy. It required deep engineering collaboration. Think about it: how do you integrate external key management with cloud-native services like BigQuery or Google Compute Engine, while maintaining performance, uptime, and SLAs?
It’s like asking if you can have your cake and eat it too. Then you realize encryption keys are a little more complex than cake—unless your cake comes from a grocery store and your key from a locksmith or a trusted encryption provider.
Credit where it’s due, kudos to the teams at Google and Fortanix for making it happen.
Why External Key Management Service (EKMS) Sets the Stage for the Future of Cloud Security
A service like EKMS may seem ridiculously difficult, niche, or complex today. But tomorrow, it could become the standard. As cloud adoption grows, businesses will demand cloud data security services that offer both simplicity and strong control.
The future of cloud adoption requires easy and comprehensive security control in the customers’ hands. In a short time, such a service will be a necessity for running anything worth protecting in the cloud.
It may even be mainstream. In a few years, when EKMS is used by default and future security generations do not even think about it, it will be a ridiculous topic to discuss. When was the last time you convinced someone, they needed Oxygen (or a smartphone!) to survive?
