Data protection is a top consideration when running enterprise workloads in the cloud. At Google Cloud Platform (GCP), we offer numerous options to encrypt your data, including our default data-at-rest encryption (we’re proud to be the only cloud provider that encrypts all customer data at rest) as well as our Cloud Key Management Service (KMS) which allows explicit encryption of blocks of data with a key under your control. But we’ve heard from many of you that you’d like even more options that help you protect your most sensitive information assets and meet compliance mandates.
That’s why we’re excited to announce the availability of the beta release of Cloud HSM, a managed cloud-hosted hardware security module (HSM) service. Cloud HSM allows you to host encryption keys and perform cryptographic operations in FIPS 140-2 Level 3 certified HSMs (shown below). With this fully managed service, you can protect your most sensitive workloads without needing to worry about the operational overhead of managing an HSM cluster.