Advancing forward together: Google, AIT and Unbound secure and enable cloud
Article by Unbound's Marcella P. Arthur.
Maju Sama-Sama is Google Indonesia’s motto, and it means “advancing forward together”— a statement heard broad and wide when announced by Google in June of 2020. The commitment made to Indonesian developers and enterprises by Google is highlighted across the mainstream media outlets. With less latency access to data and applications, companies doing business in Indonesia can accelerate their digital transformation.
You can see the news of this technical evolution happening in Indonesia in almost every business and tech journal that writes about the latest trends and technology adoption rates; the most common statements you see and read center around Indonesia being one of the fastest-growing digital economies in Southeast Asia. Security is paramount to any and all businesses that are taking advantage of modern IT and shifting to the Cloud. Digital transformation is at the forefront of all Indonesian businesses.
Figure 1: Google Cloud now offers 24 regions and 73 zones across 17 countries worldwide.
Like many other post-Covid economies have found, growth in digital data forces a shift from the limitations of managing an enterprise completely on-premise to the business agility of the cloud. The cloud offers enterprises the ability to scale up their operations while fast-tracking their digital transformation. But like any business initiative, you have to balance the post-cloud benefits with the pre-cloud strategy.
Take inventory of the three most critical considerations your organization should ask:
- How do I pick the right partners and solutions for this digital transformation?
- How do I support existing applications?
- And most importantly how do I secure my users, my assets and my sensitive data?
Google’s investment in Indonesia is evident, with the opening of their first Google Cloud Platform (GCP) region in Jakarta, and the ancillary support from their existing three Cloud zones. The addition of the Jakarta region ensures high availability workloads, improved redundancy to prevent loss of data in service interruptions, and the ability to meet local compliance requirements which are critical in regulated markets such as Indonesia.
AIT, a long-standing go-to partner with deep roots in infrastructure services based in Indonesia, greatly understands the benefits of the localized commitment Google has made with GCP. Today AIT is working in concert with Google to ensure adoption by enterprise financials that need to maximize on their cloud investments.
Just this past February, AIT announced the forming of their partnership with Unbound Security, to leverage their Unbound CORE platform which offers enterprise customers the ability to manage their encrypted data and keys through a single pane of glass whether on-premise or in any cloud. This ability to manage, authenticate and secure cryptographic keys, identities and mission-critical information centrally without having to refactor applications to support new protocols is a game-changer for any enterprise going to the cloud.
As enterprise organizations continue to support legacy hardware security modules (HSMs) with a hybrid approach, Unbound’s CORE orchestrates and enables key management and security within existing infrastructure while preparing for cloud migrations and taking advantage of secure in-cloud operations. The combination of Google, AIT and Unbound Security makes for a “one-stop-shop” to the cloud seamless end-to-edge, digital transformation.
As government agencies worldwide make daily requests for access to customer data stored by the major cloud providers, ensuring you are in full control of your data becomes essential. There are many factors leading to this increase in government interest.
For one, it is the rise in the significance of compliance and regulation in the technology space at large. In addition, new initiatives such as the Clarifying Lawful Overseas Use of Data (CLOUD) Act, play a key role. These requests for data can cause conflict — the responsibility to preserve consumer privacy on the one hand, while meeting regulatory and/or public safety obligations on the other.
Unbound CORE manages the keys used to encrypt your data on Google Cloud. This goes a long way to solve the privacy vs. transparency issues, as well as the security challenges associated with holding sensitive and private data in the cloud.
The Google EKM enables users to secure and control use of cryptographic keys for cloud services. With EKM, it is now possible to use cryptographic keys held outside of the Google Cloud Platform, to protect data at rest stored by Google cloud. The EKM acts as an extension of Google’s Key Management Service (KMS).
The combination of Google Cloud Platform and Unbound CORE GCP External Key Manager enables Google Cloud customers to enjoy unprecedented control over their data. This data is privately and securely stored at rest, encrypted with keys exclusively controlled by the customers. This architecture is often referred to as Control Your Own Key (CYOK).
Unbound’s External Key Manager for Google Cloud is unique in its approach – it secures keys in the cloud using Secure MPC (Multi-Party Computation) technology. This software-based solution can be easily deployed in any cloud region while offering excellent performance, robustness and ease of management.
Advancing forward together: Benefits of GCP + AIT + CORE
The combination of transforming your business to Google Cloud Platform, enabling the infrastructure services led by AIT and integrating Unbound CORE GCP External Key Manager enables businesses across Southeast Asia to protect and be in full control of their data on Google Cloud.
Customer data stored and used by Google, including services such as BigQuery, can now be encrypted at-rest using keys that are fully controlled and owned by the customer. Google does not have access to these encryption keys – they are protected and managed solely by the enterprise customer using Unbound CORE.
The solution offers the following benefits:
- Help comply with data protection legislation and regulations, including the EU General Data Protection Regulation (GDPR).
- Regulate the key management process – by managing their own keys, enterprises can better protect their data and improve compliance.
- Maintain client data conﬁdentiality – only the customers of the cloud service have access to their data and encryption keys, reducing the risk of breach.
- Protect against rogue administrators – minimize the risk of unauthorized data access by a service administrator who may be misusing privileges.
- Control government access to corporate data – cloud service providers periodically respond to subpoenas where they are legally compelled to provide user data to government agencies (e.g., under CLOUD Act).
- Ensure scalability and stability – CORE is easily scalable to any enterprise’s needs. By integrating with GCP, the client gains the ability to bring this scalability to GCP and its associated services.
- Deploy quickly and easily – CORE is easy to deploy at multiple metro areas and availability zones, thanks to its mesh technology auto synching keys across sites.
- Utmost security and privacy – data at rest is secured using the CYOK (control your own key) approach.
- Auditing tools with multiple integrations – all operations are logged in a tamper-proof audit that can be connected to tools such as Splunk.
In summary, the digital transformation enterprise customers achieve utilizing the consultative, hands-on support of this triad is unmatched. At the start of this post, I mentioned the ever-clever Google motto used when launching GCP in Jakarta, Maju Sama-Sama.
Google, AIT and Unbound are committed to supporting modern IT, cloud and best-in-class security in Indonesia – and ultimately committed to ‘advancing forward together’.
For more information on Google, AIT and Unbound’s partnership, listen to their latest @theCOREofIT session here.