Google Cloud gains federal certification, adds a suite of new security features

Google Cloud, the fastest growing cloud business in an booming industry, announced a long list of new security features on Wednesday including denial-of-service protection, data transparency and a “Cloud Security Command Center” designed to give customers visibility into where sensitive data is located, firewall rules and resource deployment.

The command center is only in alpha right now, but it’s designed expressly to let teams know which data is open to the internet, which personally identifiable information and even which are vulnerable to cross-site scripting (XSS) vulnerabilities.

“Administrators can identify threats like botnets, cryptocurrency mining, and suspicious network traffic with built-in anomaly detection developed by the Google Security team, as well as integrate insights from vendors such as Cloudflare, CrowdStrike, RedLock, Palo Alto Networks, and Qualys to help detect DDoS attacks, compromised endpoints, compliance policy violations, network intrusions, and instance vulnerabilities and threats,” Google announced in a Wednesday blog post. “With ongoing security analytics and threat intelligence, enterprises can better assess their overall security health in a central dashboard or through APIs, and immediately act on risks.”

Google Cloud also gained the a Provisional Authorization to Operate (P-ATO) at the Moderate Impact level from GSA’s FedRAMP Joint Authorization Board (JAB). That’s big news as Google tries to cut into Amazon Web Services’s and Microsoft’s hold on the federal cloud market.

If Google Cloud is ever going to compete on that level — which is exactly where Google wants to be — government is a necessary target that’s now closer within reach.