Google Cloud Safety: Finish-to-Finish Belief and Transparency in Your Stack

by    SEO   Thursday, February 7th, 2019

My guest this week is David Cross and it is my second discussion with him. I loved talking to David when he was on the Microsoft side of the fence. Two years later, he is on the Google side of the fence as a Cloud Security Engineering Director, and I decided to bring him back on for another fun conversation.

We discuss Google’s on-premises Solutions, Data Custodian Model (SAP), the story behind BeyondCorp, Google’s beta product, called Identity-Aware Proxy and much more. Our conversation is a deep dive into IT Security and highly technical… Regardless of your title within IT Security realm, you will benefit from this conversation.

Major Take-Aways From This Episode:

Google’s beta product – Identity-Aware Proxy (IAP) service (,
BeyondCorp Model ( at Google and Anti-Phishing,
Importance of two-factor authentication; U2F Security Keys (, FIDO U2F Protocol (, OAuth (
YubiKeys ( – security keys for two-factor authentication,
Gsuites ( – Gmail, Docs, Drive and Calendar for business, everything in one package,
Building trust in cloud service provider (Google 9 layer stack)
Data Custodian Model at Google (
access transparency,
identity and protection
Google Cloud Blog article about Google’s custom chip Titan (