Google is adding another layer of protection for its cloud computing customers. Starting today, the company will let users hold their own encryption keys for Google Compute Engine, the company's cloud processing platform. Google already encrypts data on the platform, but it manages the keys itself, leading to concern among some that the company could be compelled to decrypt the data without the user's permission. Under the new system, Compute Engine users will be able to manage their own keys, preventing Google or any other party from decrypting the data without somehow obtaining the offsite keys.
The program is similar to the key management system Box launched in February, although the Google program focuses on computing features rather than storage. It also has many of the weaknesses of the Box system, which was criticized for centrally managing encryption and key generation. Google is pledging to delete the private encryption keys as soon as they're passed on to the user, but there's still the threat that an adversary might intercept the keys after they're generated or intercept unencrypted data as it's passed to Google. If law enforcement is involved, Google may also be legally compelled to collect and relay the key.
Still, the main takeaway for enterprise users is an extra layer of insulation between sensitive data and the cloud. In the event of a Compute Engine breach, the data would be effectively unrecoverable, even if attackers gain access to Google's own key stores. At the same time, companies that take up the new feature will have the new task of keeping their keys safe. "Keep in mind," Google product manager Leonard Law said in a post, "if you lose your encryption keys, we won’t be able to help you recover your keys or your data. With great power comes great responsibility!"