According to announcement made on Thursday, Google has taken the initiative to encrypt all the data housed in its cloud storage. All the new data being relayed to cloud storage will be actively encrypted, the same process will encrypt the older data but due to the share enormity of it will require a month’s time to finish the job. These revelations were made by Dave Barth in a blog who serves as a Google product manager.
People requiring encryption of their data can rest easy as this service will set them free from worrying about encrypting the data themselves. Encrypting the data can pose risks such as managing encryption and decryption keys which if misplaced would render the data useless. The cryptographic keys under Google’s encryption service will be handled by Google staff. It will undergo the same hardened key management process that Google employs for encrypting its own stored data.
Barth further added that all data and metadata residing within the cloud is encrypted with a key using 128 bit advanced encryption algorithm. The object key itself is encrypted with a unique key. But that’s not the limit of security encryption by any means! These keys are additionally encrypted to provide an extra layer of protection; they are encrypted by regularly rotated set of master keys. Of course the cloud is flexible for anyone that wishes to manage their own encryption keys. In such a case the party can encrypt data by themselves before storing it in the cloud.
The now notorious PRISM program which essentially gathered data was revealed by former U.S NSA contractor Edward Snowden. This revelation raised questions and concerns about U.S government requesting data from giants like Google under the pretext of security investigations.
A Google spokesperson denied the allegations and stated that Google doesn’t provide encryption keys to any government. The user data provided to the government was in perfect accordance with the law. Each and every request for data is thoroughly scrutinized by our legal team. We frequently deny requests when sensed there is no credible and plausible reason behind them. Requests that don’t follow proper process and come through appropriate channels are also put down. When it’s absolutely imperative to comply with requests, they are handed to the requisite authorities. No government has the right or ability to extract data directly from our servers the spokesperson further added.