Google: Lock up your Compute Engine data with your own encryption keys
Google will now let enterprise customers of one of its Cloud Platform services lock up their data with their own encryption keys, in case they’re concerned about the company snooping on their corporate information.
On Tuesday, Google started offering users of its Compute Engine service the option, in beta, to deploy their own encryption keys, instead of the industry standard AES 256-bit encryption keys Google itself provides. Encryption keys are used to lock data so it can not be read by other parties.
“Absolutely no one inside or outside Google can access your at rest data without possession of your keys. Google does not retain your keys, and only holds them transiently in order to fulfill your request,” wrote Leonard Law, Google product manager, in a blog post describing the new feature.