Skip to Content

Google lets you bring your encryption keys to its cloud

Companies like the idea of the flexibility the cloud computing model, but many remain unconvinced that cloud—especially public cloud—is a secure place for their important data. So Google (GOOG) says it will now enable customers to bring their own encryption keys to the Google Compute Engine, the computing portion of Google Cloud Platform.

GCE already supports the AES-256-bit encryption, the difference now is customers can control the keys to access that data and, according to Google, “no one inside or outside of Google can access your at-rest data without possession of your keys.”

Google does hold those keys in transition. There is no charge for this service, which is now available in some markets in beta test or trial form.

For businesses considering cloud deployment, features like this are becoming table stakes and Google, with its roots in consumer-focused Internet search and advertising still must prove it’s serious about providing business-class cloud services to business.


Neil Palmer, chief technology officer for Sungard Advanced Technology Business, a Google cloud partner, has tried out the new capability and says it’s easy to use and is another stop in proving Google cloud’s business credentials.

Public cloud vendors have been subject to scrutiny on security from the get-go, said Palmer who is now seeing a shift in public realization that these providers can probably do a better job at securing people’s data than in-house IT departments.

But Google is not alone in beefing up encryption and other security perks.

Last year, Amazon(AMZN) Web Services announced BYO encryption keys for its S3 storage service. Amazon also offers CloudHSM to let customers manage their own keys. Microsoft(MSFT) Azure offers Key Vault which allows customers to import keys from their own hardware security modules (HSMs). With most of these options there is an initial free trial, but then charges accrue.

The three major public cloud vendors—as well as their smaller rivals—are trying to leapfrog each other when it comes to securing data—or at least assuring customers that they can do so. A few weeks ago, word leaked that Microsoft is buying Adallom, an Israeli specialist in providing security for Software-as-a-Service applications like Microsoft Office 365 and Salesforce (CRM), for example.

Sign up for Data Sheet, Fortune’s daily newsletter about the business of technology.