You Can't Secure the Cloud Right? | Security in the Cloud

Topic 3- Introduction to cloud security
Let’s start with the first topic, an introduction to security in the cloud. At Google we believe that security empowers innovation if you put security first everything else will follow. Google has been operating securely in the Cloud for nearly 20 years we have seven services each with over one-billion users every day this means that Google and Google Cloud connect to more than a billion IP addresses everyday designing for security is pervasive throughout our entire infrastructure and security is always paramount. Countless organisations have lost data due to a security incident a single breach could cost millions in fines and lost business but more importantly a serious data breach can permanently damage an organization's reputation with the loss of customer trust. As a result security is increasingly top-of-mind for organisational leadership like ceo’s and CSOs. Unfortunately many organisations don’t have access to the resources they need to implement state-of-the-art security controls and techniques. Google invests heavily in its technical infrastructure and has dedicated engineers is tasked with providing a secure and robust platform by choosing gcp you can leverage that same infrastructure to help secure your services and your data. Through the entire information processing life cycle including the deployment of services the storage of data communication between services and operation by administrators. Security cannot be an afterthought it must be fundamental in all designs that's why at Google we build security through progressive layers they delivered true defence indepth meaning our cloud infrastructure doesn’t rely on one single technology to make it secure, let’s start by talking about securing low-level infrastructure we design and build our own data centres that incorporate multiple layers of physical security protections as just one example access to these data centres is limited to a very small fraction of Google employees. We design our own servers networking, equipment and hardware security chips in those data centres. Our servers use cryptographic signatures to make sure they're booting the correct software, add the correct version in the correct data centre. Now let’s talk about a different layer of the stack service deployments specifically let’s talk about Google service service deployments which provide the fabric for Google Cloud. When services communicate with one another they do so via a remote procedure call or RPC if you’re not familiar with RPC that’s okay it’s just a way to facilitate communication between two services like rust over HTTP or XML over so. Google's infrastructure cryptographic privacy and integrity for all RPC calls for service to service communication. In addition to our own security practices Google also has an external bug bounty program in which third-party security researchers and developers can gain monetary reward for finding vulnerabilities in Google’s software components

Module 1: You Can't Secure the Cloud Right?

Module 1: What's the Cloud Anyway?

What's the Cloud Anyway? - Learning Outcomes

What’s the Cloud Anyway - Introduction

Cloud Computing

Cloud vs Traditional Architecture

Iaas, PaaS and SaaS

Google Cloud Architecture

What's the Cloud Anywhere - Quiz

What's the Cloud Anyway? - Lesson Summary

Module 2: Start with a Solid Platform

Start with a Solid Platform - Learning Outcomes

Start with a Solid Platform - Introduction

The GCP Console

Understanding Projects

Billing in GCP

Install and Configure Cloud SDK

Use Cloud Shell

GCP APIs

Cloud Console Mobile App

Start with a Solid Platform - Quiz

Start with a Solid Platform - Lesson Summary

Module 3: Use GCP To Build Your Apps

Use GCP to Build your Apps - Learning Outcomes

Use GCP to Build your Apps - Introduction

Compute Options in the Cloud

Exploring IaaS with Compute Engine

Configuring Elastic Apps with Autoscaling

Exploring PaaS with App Engine

Event Driven Programs with Cloud Functions

Containerizing and Orchestrating Apps with GKE

Use GCP to Build your Apps - Lesson Summary

Module 4: Where Do I Store This Stuff?

Where Do I Store this Stuff? - Learning Outcomes

Where Do I Store this Stuff? - Introduction

Storage Options in the Cloud

Structured and Unstructured Storage in the Cloud

Unstructured Storage Using Cloud Storage

SQL Managed Services

Exploring Cloud SQL

Cloud Spanner as a Managed Service

NoSQL Managed Services Options

Cloud Datastore a NoSQL Document Store

Cloud Bigtable as a NoSQL Option

Where Do I Store this Stuff? – Lesson summary

Module 5: There's an API for that

There’s an API for that - Learning Outcomes

There’s an API for that - Introduction

The Purpose of APIs

Cloud Endpoints

Using Apigee Edge

Managed Message Services

Cloud Pub_Sub

There's an API for that – Lesson summary

Module 6: You Can't Secure the Cloud Right?

You Can't Secure the Cloud Right? - Learning Outcomes

You Can't Secure the Cloud Right? - Introduction

Introduction to Security in the Cloud

Understanding the Shared Security Model

Explore Encryption Options

Understand Authentication and Authorization

Identify Best Practices for Authorization

You Can't Secure the Cloud Right? - Quiz

You Can't Secure the Cloud Right? – Lesson summary

Module 7: It Helps To Network

It Helps to Network - Learning Outcomes

It Helps to Network - Introduction

Introduction to Networking in the Cloud

Defining a Virtual Private Cloud

Public and Private IP Address Basics

Google’s Network Architecture

Routes and Firewall Rules in the Cloud

Multiple VPC Networks

Building Hybrid Clouds

Different Options for Load Balancing

It Helps to Network - Quiz

It Helps to Network – Lesson Summary

Module 8: Let Google Keep an Eye on Things

Let Google Keep an Eye on Things - Learning Outcomes

Let Google Keep an Eye on Things - Introduction

Education should be...
free and accessible.