Google: Securing the digital experience all the way from end-users through to enterprise cloud
Thanks to their global scale and R&D investments, Google and Google Cloud have mastered the science of cyber security.
This is according to Google Cloud security specialist Deimos, which notes Google has been a cyber security pioneer and leader in the field, having invested billions of dollars to make security the cornerstone of its product strategy.
It adds that Google is helping to secure end-users, applications and enterprise infrastructure around the world.
Cameron Emerson, head of User Protection Services, Europe, Middle East and Africa at Google Cloud, says: “With Google Cloud, you can secure what you control – your own estate – and protect employees and users on the internet, where you don’t have control.”
Emerson says Google Cloud user protection services security tools focus on protecting businesses from account takeovers and credential stuffing, phishing attacks and malware, unwanted software and fraudulent activities.
He cites three notable Google Cloud cloud-native security solutions to protect business.
“reCAPTCHA Enterprise is a comprehensive fraud prevention solution that combats account takeovers (ATO), credential stuffing, fake accounts, fraudulent transactions, SMS abuse, and more. Its superior risk scores and granular insights improve fraud detection efficacy and reduce friction for legitimate users.
"For example, reducing fake account creation can prevent spam and fraudulent accounts from diluting the value of your user base. This protects your legitimate customer experience, promoting authentic engagement and potential long-term revenue. Businesses can also reduce financial losses directly associated with account takeovers and fraudulent transactions. Detailed risk scores and reason codes aid employees responsible for fraud detection, allowing them to focus on the most likely problematic cases and make more efficient decisions,” he says.
Further, “Web Risk, part of Google Cloud’s user protection technology suite, and Safebrowsing safeguard over five billion devices worldwide from phishing, malware and unwanted software. It's known for its high accuracy and low false-positive rates,” says Emerson.
Securing business in Africa
Emerson says: “With Web Risk and Safe Browsing, if you have ever seen a full screen red warning that the page you are trying to visit is dangerous, that is our team. We help protect leading African businesses to secure their applications.”
He adds: “In many African countries, the cost of an SMS can be more than 20 cents. High SMS costs in the region make it vulnerable to SMS pumping and fraud. This can be an attractive attack vector for threat actors looking to conduct SMS pumping, or International Revenue Share Fraud (IRSF). We have seen very promising results from businesses we are working with in Africa to protect their applications from IRSF.”
Jaco Nel, CTO of Deimos, a Digicloud Africa Google cloud partner specialising in security, says: “We lean heavily on Google Cloud security tools. The toolset is quick and easy to enable, utilise and extend, and gives seamless integration into the Google Cloud ecosystem. Importantly, the tools are built on Google’s scale and ability to collect global data and pipe this into machine learning-enabled tools.
“We focus on Pan-Africa, which has its own unique security concerns. One of the main things we see across the continent is a general lack of security awareness in companies. They struggle to protect against ransomware, phishing and errors such as misconfiguration within the internet space – for example, configuring a database server to be accessible from the internet, where it is exposed," Nel says.
"We often see a general lack of application security. A widespread challenge in our industry is the lack of robust application security. The Open Web Application Security Project (OWASP) maintains a widely recognised list of the top 10 web application security risks. Unfortunately, during our security assessments and reviews, we frequently encounter organisations that haven't considered these critical OWASP guidelines. This often leads to the need for retrofitting security measures, which can be significantly more expensive compared to integrating them during the initial development phase. That’s why we tend to promote the Google Cloud Armor Web Application Firewall and Google Cloud Security Command Center.”
Nel adds that the toolsets offer data analytics tools for anomaly detection, and solutions such as Chronicle, Google Cloud’s security operations platform. Chronicle overtakes legacy SIEMs and is trusted by leading MSSPs. It now features generative AI to supplement human skills before, during and after an incident.
Nel says: “Google Cloud Security solutions have multiple tiers to support businesses from entry level, through to feature-rich offerings for enterprises.”