Organizations running SAP workloads on Google’s public cloud platform now have a way of knowing when a Google employee might access the computer systems hosting their data for various purposes.
The company this week announced a preview of Access Transparency, a new feature on Google’s cloud platform that gives enterprises visibility into operational access by Google employees to systems that store, process or secure customer data. Cloud providers sometimes require such access to address support requests or to ensure that a service is meeting performance targets.
The new security feature will let administrators know why the Google employee needed the access, the time of access, the specific system that was accessed and the location of the person that accessed the system.
During the preview period, organizations will be able to use the feature to monitor operational access to a specific set of Google cloud platform services including Cloud Storage, Google App Engine, Identity and Access Management and Key Management Services.
Google will enable similar visibility across other cloud platform services that store, secure or process customer data, said Pramod Mahadevan, Google’s global SAP partnership lead in a blog Nov. 14.
“Managing and mitigating risk is a priority for any organization adopting the public cloud,” he said. The new security feature is designed to give organizations a way to ensure they can meet that goal. “Access Transparency enables security and compliance teams to gain meaningful oversight of their cloud provider,” Mahadevan noted.
The Access Transparency feature is part of a broader effort by Google to build trust in its cloud service among SAP customers. Google and SAP announced a partnership in March under which they are collaborating in helping enterprises run SAP workloads on Google’s cloud platform more easily and securely.
As part of the partnership Google has agreed to let SAP act as a custodian of an enterprise’s data on its cloud platforms. In other words, an organization that chooses to move its SAP workload to Google’s cloud has the option of asking for SAP to act as a custodian of the data and to ensure its security and privacy.
The data custodian arrangement gives enterprises a way to describe the set of controls they want for their data on Google’s cloud and then use SAP to ensure those controls are in place.
In addition to the Access Transparency feature, Google this week also announce several SAP platform certifications on Google cloud. Among the SAP products that are now certified to run on Google cloud are SAP HANA, SAP Business One, SAP Hybris and SAP Business Objects. The certifications mean the technologies have been optimized to run on Google’s cloud hardware, software and network infrastructure.
Google also announced a new monitoring agent that will make it easier for SAP HANA administrators to monitor database performance from within Google’s cloud platform console.