Cloud IAP (Identity-Aware Proxy) manages access to cloud application running on Google Cloud Platform. Cloud IAP works by verifying users identities and determines if a user should require access to an application. Cloud IAP is a building platform towards BeyondCorp, a high-end security model that enables employees to work on un-verified networks without the use of a VPN.
The Data Loss Prevention API allows users to analyse and manage sensitive data. The API allows for a fast, scalable classification and option redaction for sensitive data such as financial and end user personal information. DLP API can classify information using over 40 pre-defined models to identify patterns and formats whilst potentially understanding contextual clues. The API can support text and images - just send data to the API or specify data stored on your Cloud Storage or Datastore instances.
Unlike text-message verification, 2-step verification provides superior protection with the use of a security key that uses cryptography to provide two-way verification. 2-step verification makes sure you're logging into a service that you have previously registered with as well as verifying security key registration.
Key Management Service (KMS) from Google Cloud is a cloud-hosted key management service that allows you to manage and maintain encryption for your cloud services. Fully manage AES256 encryption keys and because Cloud KMS is integrated with Identity and Management (IAM) and Cloud Audit Logging, it means you can manage permissions on individual keys and monitor how they are used. Cloud KMS will protect your business most highly regarded secrets and important sensitive data in Google Cloud Platform.
In Google Cloud Platform, resource containers are provided such as Folders and Projects that allow you to manage all of your Cloud Platform resources systematically. Thanks to this, resources such as control and configuration settings can be easily managed. Programmatically manage these resource containers with Cloud Resource Manager from Google Cloud.
Cloud Security Scanner protects your applications in Google App Engine by scanning for common vulnerabilities. It can provide you with comprehensive details of four common vulnerabilities, including cross-site-scripting (XSS), Mixed Content (HTTP or HTTPS), Flash Injection and outdated/insecure libraries. Cloud Security Scanner allows for early identification and delivers very low false positive rates. Cloud Security Scanner is easy to deploy, manage and maintain and is free for all Google Cloud Platform users.