Google Cloud

Google’s services increase the number of opportunities that enterprises have to increase efficiency, and improve service and product delivery. Whether those services come in the form of cloud storage or as remotely delivered office applications, Google offers tools to make the world more connected so businesses and individuals can take full advantage of the internet to advance their initiatives.


Thales TCT offers a number of solutions based upon our high-assurance Luna HSMs to secure and protect your data in Google Cloud. With Thales TCT, agencies have the flexibility to leverage cloud services, the ability to both own and control their encryption keys, and reduce the risk of unauthorized data access. Thales TCT offers different encryption key generation, management and protection options available to Google Cloud users using Luna HSMs including: Customer-Managed Encryption Keys (CMEK), Customer-Supplied Encryption Keys (CSEK) and the new Google Cloud EKM service.


CipherTrust Key Broker is integrated with Google Cloud EKM to make it easy for organizations to follow security and key management best practices while leveraging the power of Google Cloud for compute and analytics. Organizations are able to securely create and control their own encryption keys separate from where their sensitive data is being hosted. By generating their own encryption keys using CipherTrust Key Broker, organizations can verify the origin and quality of the keys they are providing to the cloud provider, while maintaining the original version of the key outside of the Google Cloud environment.

Google now supports running the VMware stack in Google Cloud using the Google Cloud VMware Engine (GCVE). Now apps and workloads designed to run within VMware can be seamlessly migrated to the cloud. The combination of Google GCVE, VMware and Thales CipherTrust Manager ensures a secure path to the cloud. This joint solution simplifies migration, while adding all the benefits of the cloud, including scale, agility, lower cost, best in class security of dedicated infrastructure, and streamlined management of private encryption key

Google Cloud Storage offers worldwide data storage and retrieval at any time using a simple programming interface that allows developers to take advantage of fast and reliable networking infrastructure and is encrypted by default. CipherTrust Application Data Protection includes Bring Your Own Key (BYOK) solutions that integrate with the Customer-Supplied Encryption Key (CSEK) facility for Google Cloud Storage to manage the encryption keys used for storage encryption. This integration enables centralized encryption key management on CipherTrust Manager for streamlined key administration.

Google Apps: Identity Verification with SafeNet Trusted Access

Google Apps is a service that provides independently customizable versions of Google web applications, such as Gmail, Google Calendar, Docs, and Drive to enterprise customers. The SafeNet Trusted Access uses SAML to integrate with Google Apps to provide two factor authentication for secure identity verification.

Building on Thales’s award winning authentication service, SafeNet Trusted Access combines authentication and access management in a fully integrated cloud service. Our service lets you transform your business and operate securely in the cloud by preventing data breaches, simplifying access for users, and enabling compliance.

Our customers include over 25,000 organizations and 30 million users worldwide across all industries. Partnering with Thales for the long term, they trust our innovative access management and authentication services to help them securely adopt new ways of doing business on mobile, and in the cloud.

Google recommends that Google Workspace customers adopt the industry-standard and increasingly well-known shared responsibility model by using an external Identity Provider (IDP) and key manager (EKM) to ensure that only authorized and authenticated individuals can access protected documents. Only Thales develops an independent IDP and EKM solution.

Thales’s SafeNet Trusted Access (STA) used with CipherTrust Cloud Key Manager provides customers with an independent IDP and key management solution from a single vendor, helping you achieve your business goals with a smoother deployment, superior user experience and better value.