Google has been a force for transparency in the public sector, increasing the availability of information to the public and promoting accountability.
In a recent example, Google has petitioned the US Foreign Intelligence Surveillance Court to allow the publishment of aggregate numbers of national security requests it has received, including FISA orders. Google has also asked the court to allow it to publish the number of accounts affected by these requests.
This push for transparency comes in the wake of revelations about the National Security Agency’s (NSA) PRISM program, which has raised concerns about the government’s surveillance activities.
Google has long been a proponent of government transparency and has fought for the release of information in the past. For example, in 2006, Google sued the US Department of Justice (DOJ) to force the release of records about search warrants issued as part of the DOJ’s efforts to enforce the Child Online Protection Act (COPA).
Google’s actions in this latest case align with the company’s commitment to openness and transparency. The company believes its users have a right to know about the government’s surveillance activities.
Google Cloud Platform and Zero Trust
There has been much ado around the concept of “Zero Trust” security, a term for security models that don’t rely on predefined trust levels among users, devices, or systems. Instead, Zero Trust security emphasizes verifying all users and devices before allowing access to resources and using security measures that insiders can’t circumvent.
Zero Trust security is a good fit for the cloud, where users can achieve access from anywhere on the globe, and devices can be from any manufacturer or operating system. When dealing with cloud services, there is no way to know in advance which users and devices should be trusted. So, to provide secure access to cloud resources, there needs to be a security model that can verify the identities of all users and devices and that can’t be easily compromised by insiders, which would mean that zero trust has become a moot point.
Google Cloud Platform enables zero trust through a number of features that can help your organization scale while keeping honest people honest. For example, Google Cloud identity and access management (IAM) feature can help
While the zero trust security model has existed for some time, it is only of late that it has been applied to the government sector. Zero trust security is a security model and overall set of principles that eschews the traditional trust-based model in which agents are granted access to resources based on their charge within an organization. Under the zero trust security model, all users are treated as untrusted until they are verified as being who they say they are and are given access to the resources they need.
The zero trust security model is a more secure alternative to the trust-based security model, as it eliminates the risk of users being granted access to resources to which they should not have access. By verifying the identities of all users and granting them access to the resources they need, the zero-trust security model reduces the risk of unauthorized access to sensitive data and systems.
The zero-trust security model is also more efficient than the trust-based security model, as it eliminates the need for users to be granted access.