Last week Google has pushed an important update, which provides server side encryption to all data stored on Google Cloud Storage. That is, Google will now automatically encrypt new data uploaded to the cloud before it is written to the server side disk.
According to Google Platform Blog,
“If you require encryption for your data, this functionality frees you from the hassle and risk of managing your own encryption and decryption keys. We manage the cryptographic keys on your behalf using the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing. Each Cloud Storage object’s data and metadata is encrypted with a unique key under the 128-bit AdvancedEncryptionStandard (AES-128), and the per-object key itself is encrypted with a unique key associated with the object owner.”
Google also explained that server side encryption is already enabled on new files uploaded on Google Cloud Storage and it will be pushed to existing data later this year.
It is extremely important to note Google has added encryption to Google Cloud Storage, not Google Drive. Google Cloud Storage is the enterprise cloud storage service provided by Google for businesses. Google Drive is the cloud storage service you probably use. Do not mix up the two.
Data encryption is said to be “becoming a bigger deal” ever since news about PRISM broke where top tech giants in the U.S, like Google, Microsoft, and Apple, supposedly had been giving the National Security Agency (NSA) access to their servers without warrants. Although companies are still denying being part of the PRISM program, they are certainly feeling the fallout related to these disclosures.