Google Cloud gains federal certification, adds a suite of new security features

Google can now compete for Amazon and Microsoft's biggest cloud customer: The U.S. government.
Google Chrome
Researchers believe hackers used Chrome extensions and other malicious tools — along with domains issued by a single registrar — to spy on computer users. (Getty Images)

Google Cloud, the fastest growing cloud business in an booming industry, announced a long list of new security features on Wednesday including denial-of-service protection, data transparency and a “Cloud Security Command Center” designed to give customers visibility into where sensitive data is located, firewall rules and resource deployment.

The command center is only in alpha right now, but it’s designed expressly to let teams know which data is open to the internet, which personally identifiable information and even which are vulnerable to cross-site scripting (XSS) vulnerabilities.

“Administrators can identify threats like botnets, cryptocurrency mining, and suspicious network traffic with built-in anomaly detection developed by the Google Security team, as well as integrate insights from vendors such as Cloudflare, CrowdStrike, RedLock, Palo Alto Networks, and Qualys to help detect DDoS attacks, compromised endpoints, compliance policy violations, network intrusions, and instance vulnerabilities and threats,” Google announced in a Wednesday blog post. “With ongoing security analytics and threat intelligence, enterprises can better assess their overall security health in a central dashboard or through APIs, and immediately act on risks.”

Google Cloud also gained the a Provisional Authorization to Operate (P-ATO) at the Moderate Impact level from GSA’s FedRAMP Joint Authorization Board (JAB). That’s big news as Google tries to cut into Amazon Web Services’s and Microsoft’s hold on the federal cloud market.


If Google Cloud is ever going to compete on that level — which is exactly where Google wants to be — government is a necessary target that’s now closer within reach.

Patrick Howell O'Neill

Written by Patrick Howell O'Neill

Patrick Howell O’Neill is a cybersecurity reporter for CyberScoop based in San Francisco.

Latest Podcasts