Machina Tools — SDKs | Developers can leverage Ionic's Machina Tools with their language of choice to add data access policy enforcement, data access control and protection services to any application, endpoint or device. With…
Enforce External Control Over Your Data and Keys in Google Cloud
MachinaTM for Google Cloud External Key Manager (EKM)
The pressure to move sensitive data to the cloud has never been greater due to a sudden shift to a more remote workforce. Meanwhile the risks of data breaches and unauthorized access have never been higher. Even though Google Cloud Platform (GCP) provides physical and infrastructure security, plus several other options at the platform level, you are responsible for protecting your data and controlling how it is accessed and used.
Having full control over your data is the key to successful cloud adoption and migration. Customer-managed trust cannot be implemented when you store your data and the keys to access the data in the same location, managed by GCP. Introducing a third party into the risk model to handle encryption, access controls, and policy management puts you in control of your data.
As a selected GCP partner, Machina enables you to create, use and store your own encryption keys in an external system outside of GCP. Learn how Machina integrates with Google Cloud EKM to enable you to control the security of and access to your data in BigQuery and resources in Compute Engine, such that you can even deny Google the ability to decrypt your data for any reason. In addition, Machina supports GCP’s Key Access Justifications that provides EKM customers a justification every time the external hosted keys are used to decrypt data.
Ultimately, Machina for Google EKM enables customer-managed trust by making you the ultimate arbiter of access to your data in GCP.