EP81 Demystify Data Sovereignty and Sovereign Cloud Secrets at Google Cloud

Guest:

• Christopher "CJ" Johnson, retired Fire Chief, and Global Regulated Cloud Product Lead @ Google Cloud

Topics:

• In political science, they define sovereignty as a local monopoly on the legitimate use of force. Why are we talking about "sovereignty" in IT?
• What is a sovereign cloud? How much of the term is marketing vs engineering?
• Who cares or should care about sovereign cloud?
• Is this about technical controls or paper/policy controls? Or both?
• What is the role for encryption and key management and key access justifications (like say Google Cloud EKM with KAJ) for sovereign cloud?
• Is sovereign cloud automatically more secure or at least has better data security?
• What threat models are considered for sovereign cloud technologies?

Resources:

• Google Cloud External Key Manager (EKM)
• "Trust Google Cloud more with ubiquitous data encryption" blog
• "Software-Defined community cloud - a new way to "Government Cloud"" blog