Google Announces New Cloud Key Management System

Google has announced a beta version of a new Cloud Key Management System (KMS) they’ve been working on, which will serve to supplement their server-side encryption and customer-controlled on-premise key management tools for Google’s Cloud Platform.


Cloud KMS allows Google customers to manage symmetric encryption keys in the cloud. These keys allow AES-256 encryption and decryption in Galois/Counter Mode (GCM). Customers can freely create, use, rotate, and destroy these symmetric encryption keys. Rotation can also be automated by setting a rotation schedule that automatically creates a new version of the key at a specified time interval.
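An added example, not from Google or the original article: a local Go model of the versioned-key behaviour described above, in which rotation adds a new AES-256-GCM key version and ciphertext written under an older version still decrypts until that version is destroyed. The `Key` type, its methods and the one-byte version prefix on the ciphertext are assumptions made for illustration and do not reflect the Cloud KMS API or its ciphertext format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// Key is a hypothetical local model of a versioned key, not the Cloud KMS API.
// versions[i] holds AES-256-GCM for version i+1 and is nil once that version is destroyed.
type Key struct{ versions []cipher.AEAD }

func must[T any](v T, err error) T { // setup errors here mean a broken CSPRNG or key size
	if err != nil {
		panic(err)
	}
	return v
}

// Rotate appends a fresh 256-bit version, which becomes primary; older ones are kept.
func (k *Key) Rotate() {
	material := make([]byte, 32)
	must(rand.Read(material))
	k.versions = append(k.versions, must(cipher.NewGCM(must(aes.NewCipher(material)))))
}

// Encrypt returns version(1) || nonce(12) || ciphertext+tag under the primary version.
func (k *Key) Encrypt(pt []byte) []byte {
	hdr := append([]byte{byte(len(k.versions))}, make([]byte, 12)...)
	must(rand.Read(hdr[1:]))
	return k.versions[len(k.versions)-1].Seal(hdr, hdr[1:], pt, nil)
}

// Decrypt uses the version named in the blob, so data written before a rotation still opens.
func (k *Key) Decrypt(blob []byte) ([]byte, error) {
	if len(blob) < 13 || blob[0] == 0 || int(blob[0]) > len(k.versions) || k.versions[blob[0]-1] == nil {
		return nil, fmt.Errorf("ciphertext too short, or key version unknown or destroyed")
	}
	return k.versions[blob[0]-1].Open(nil, blob[1:13], blob[13:], nil)
}

func main() {
	k := &Key{}
	k.Rotate()
	old := k.Encrypt([]byte("constructed sample")) // constructed plaintext
	k.Rotate()
	pt, err := k.Decrypt(old)
	fmt.Println(string(pt), err)
}
```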


“As an alternative to custom-built or ad-hoc key management systems, which are difficult to scale and maintain,” stated Google product manager Maya Kaczorowski in a blog post, “Cloud KMS makes it easy to keep your keys safe.”


The new Cloud KMS will integrate with Google’s existing IAM and Cloud Audit Logging so that customers can manage and monitor key permissions and usage. The service is seen to be a good solution for highly regulated industries due to the ease of monitoring and reported security.


Google will reportedly bill users based on the number of keys being managed, at $0.06 per active key version per month, as well as on usage frequency ($0.03 per key use per 10,000 operations).


This announcement is clearly an attempt by Google to make its Cloud Platform more attractive to the enterprise market, a market that they haven’t really done a great job of targeting in the past. It seems that they’ve decided it’s time to try to get a hand in this market as well, a decision which could prove very lucrative for them.

