Google: securing everything, from end users to the enterprise cloud

Thanks to their global scale and R&D investments, Google and Google Cloud have mastered the science of cybersecurity.

This is according to Google Cloud security specialist company Deimos, which notes that Google has been a cybersecurity pioneer and leader in the field, having invested billions of dollars to make security the cornerstone of its product strategy.

The company notes that Google is helping to secure end users, applications and enterprise infrastructure around the world.

Google Cloud head of user protection services for Europe, Middle East and Africa, Cameron Emerson, said: “With Google Cloud, you can secure what you control – your own estate – and protect employees and users on the internet where you don’t have control.”

Emerson said Google Cloud user protection services security tools focus on protecting businesses from account takeovers and credential stuffing, phishing attacks and malware, unwanted software and fraudulent activities.

He cited three notable Google Cloud cloud-native security solutions to protect business.

“reCaptcha Enterprise is a comprehensive fraud prevention solution that combats account takeovers, credential stuffing, fake accounts, fraudulent transactions, SMS abuse and more. Its superior risk scores and granular insights improve fraud detection efficacy and reduce friction for legitimate users. For example, reducing fake account creation can prevent spam and fraudulent accounts from diluting the value of your user base.

Authentic engagement

“This protects your legitimate customer experience, promoting authentic engagement and potential long-term revenue. Businesses can also reduce financial losses directly associated with account takeovers and fraudulent transactions. Detailed risk scores and reason codes aid employees responsible for fraud detection, allowing them to focus on the most likely problematic cases and make more efficient decisions,” he said.

Furthermore, “Web Risk, part of Google Cloud’s user protection technology suite, and Safe Browsing safeguard over five billion devices worldwide from phishing, malware and unwanted software. It’s known for its high accuracy and low false-positive rates,” said Emerson.

Securing business in Africa

“With Web Risk and Safe Browsing, if you have ever seen a full screen red warning that the page you are trying to visit is dangerous, that is our team. We help protect leading African businesses to secure their applications,” Emerson said.

“In many African countries, the cost of an SMS can be more than 20c. High SMS costs in the region make it vulnerable to SMS pumping and fraud. This can be an attractive attack vector for threat actors looking to conduct SMS pumping, or international revenue share fraud (IRSF). We have seen very promising results from businesses we are working with in Africa to protect their applications from IRSF.”

Jaco Nel, chief technology officer at Deimos, said: “We lean heavily on Google Cloud security tools. The toolset is quick and easy to enable, utilise and extend and allows seamless integration into the Google Cloud ecosystem. Importantly, the tools are built on Google’s scale and ability to collect global data and pipe this into machine learning-enabled tools.”

“We focus on pan-Africa, which has its own unique security concerns. One of the main things we see across the continent is a general lack of security awareness in companies. They struggle to protect against ransomware, phishing, and errors such as misconfiguration within the internet space – for example, configuring a database server to be accessible from the internet, where it is exposed,” Nel said.

“We often see a general lack of application security. A widespread challenge in our industry is the lack of robust application security. The open web application security project (OWasp) maintains a widely recognised list of the top 10 web application security risks. Unfortunately, during our security assessments and reviews, we frequently encounter organisations that haven’t considered these critical OWasp guidelines.

“This often leads to the need for retrofitting security measures, which can be significantly more expensive compared to integrating them during the initial development phase. That’s why we tend to promote the Google Cloud Armor Web Application Firewall and Google Cloud Security Command Center”.

Nel said the toolsets offer data analytics tools for anomaly detection and solutions such as Chronicle, Google Cloud’s security operations platform. Chronicle overtakes legacy SIEMs and is trusted by leading MSSPs. It now features generative AI to supplement human skills before, during and after an incident. “Google Cloud Security solutions have multiple tiers to support businesses from entry level, through to feature-rich offerings for enterprises,” he said.

About Digicloud Africa
Digicloud Africa is Google’s chosen reseller enablement partner in Africa. Through Digicloud, Google is creating an ecosystem of Google Cloud partners across the continent. Digicloud supports its partner network by providing the necessary training, tools and resources needed to implement cloud solutions and support to their customers successfully. As customer demands for technology intensify, Digicloud is increasing its investment in supporting its partners to achieve sustainable growth. Digicloud’s partner enablement helps organisations build skills around open, advanced technologies to go to market with outcome-based solutions.

Find Digicloud Africa on LinkedIn.