EP81 Demystify Data Sovereignty and Sovereign Cloud Secrets at Google Cloud

Cloud Security Podcast by Google - A podcast by Anton Chuvakin - Mondays

Categories:

Guest:  Christopher “CJ” Johnson, retired Fire Chief, and Global Regulated Cloud Product Lead @ Google Cloud Topics: In political science, they define sovereignty as a local monopoly on the legitimate use of force. Why are we talking about “sovereignty” in IT? What is a sovereign cloud?  How much of the term is marketing vs engineering? Who cares or should care about sovereign cloud? Is this about technical controls or paper/policy controls? Or both? What is the role for encryption and key management and key access justifications (like say Google Cloud EKM with KAJ) for sovereign cloud? Is sovereign cloud automatically more secure or at least has better data security? What threat models are considered for sovereign cloud technologies? Resources: Google Cloud External Key Manager (EKM)  “Trust Google Cloud more with ubiquitous data encryption” blog “Software-Defined community cloud - a new way to “Government Cloud”” blog