Currently encrypting new data written to Cloud Storage, with the older data to be encrypted during the following months.
Google has strengthened the security for data stored in its cloud service by automatically encrypting data warehoused in its cloud service.
The search engine firm has started offering the server-side encryption for all new data written to Cloud Storage, with the older data to be encrypted during the following months.
Google product manager Dave Barth said that the new feature adds to the default encryption functionality already provided by Persistent Disks and Scratch Disks that come with Google Compute Engine.
"Together, this means that all data written to unstructured storage on the Google Cloud Platform is now encrypted automatically, with no additional effort required by developers," Barth said.
Google will encrypt each of the data and metadata of the Cloud Storage object using a key under the 128-bit advanced encryption standard (AES-128), while the per-object key would also be encrypted with an exclusive key linked to the object owner.
These keys will be further encrypted by one of a frequently rotated set of master keys.
"Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage," Barth added.
The data gets automatically and transparently decrypted when authorised user wants to reads it.