One of the biggest problems when working with the cloud is that there are too many moving parts, and often users make mistakes that leave them open to vulnerabilities. Sometimes it can be as simple as leaving a port open because you are debugging, or granting yourself admin permissions, but forgetting to lock that down. These simple mistakes often end up leading you to lose customer data and exposing you to a lot of financial liability.
Luckily, Google recently launched its Cloud Security Command Center for Google Cloud. When enabled, it ties deeply into all Google Cloud assets. It starts to monitor your infrastructure for vulnerabilities, threats, over-granted permissions, sensitive data discovery, anomaly detection, misconfiguration detection and more.
S.C.C. monitors your entire organization - not just a single project-, and all your cloud assets. These assets include App Engine, BigQuery, Cloud SQL, Cloud Storage, Compute Engine, Cloud Identity and Access Management (I.A.M.) policies, Google Kubernetes Engine, and more.
Enabling S.C.C. is a quick process; you have to make sure your Google Cloud Project is part of an Organization. (Learn how to do that here https://cloud.google.com/resource-manager/docs/creating-managing-organization)
Then go to https://console.cloud.google.com/security/command-center/welcome and click enable!
Once enabled, S.C.C. will take some time and return with its findings. In the screenshot below, you can see that it found 374 events that could be considered threats, four crypto miners running, two brute force attacks and more.
This organization is having a terrible time; hopefully, this is not what you see when you enable S.C.C.
While S.C.C is easy to enable, you'll need to dedicate time to review and resolving the issues it detects. Sometimes this may require building additional services to ensure your cloud is secure.
If you are looking to seek compliance such as HIPAA or HITRUST, then S.C.C. is an even more significant asset. It keeps an audit trail of all the threats it found, when these issues were fixed, and who marked them as fixed. This gives you accountability and transparency into what is happening in your cloud.
Lastly, Google Security Command Center also supports third-party security tools such as Qualsys, CloudFlare, RedLock, Forsetti and more. These tie-in to the dashboard, giving you visibility into multiple results at once.
At Bitstrapped we are a team of experts in the advisory, implementation, and management of Cloud Computing and AI Solutions.
One of the first things we do when we start helping our customers with their Google Cloud is turn on S.C.C. No project is too big or small for this; security is an essential part of a workflow and we take it very seriously. Having worked with many organizations, our team has the right intuition and experience to review and resolve security issues,
Learn more about what we do at Bitstrapped.com
Have questions about Google Cloud Security Command Center and how it can help your business? Contact us for a free 30-minute discovery call with our experts so we can explore how it can benefit your business. Click here to contact us.