Published January 31, 2021 | Version v1
Journal article Open

Addressing Security and Compliance Challenges in Google Cloud Storage for Regulated Industries

Authors/Creators

Description

Cloud storage services offer significant advantages for organizations seeking scalable and cost-effective data storage solutions. However, regulated industries such as healthcare, finance, and government face unique security and compliance challenges when adopting cloud storage. This paper addresses these challenges in the context of Google Cloud Storage, examining the platform's security features, compliance certifications, and best practices for meeting regulatory requirements. We explore topics including data encryption, access control, audit logging, data residency, and disaster recovery, providing practical guidance for organizations navigating complex compliance frameworks such as HIPAA, PCI DSS, and GDPR. Furthermore, this paper presents implementation code studies demonstrating how to configure Google Cloud Storage to meet specific security and compliance needs, ensuring data protection and regulatory adherence in sensitive industries.

Files

EJAET-8-1-133-140.pdf

Files (241.5 kB)

Name Size Download all
md5:1e7e1aeca31cec50d00b1e9e00ff0582
241.5 kB Preview Download

Additional details

References

  • [1]. European Union Agency for Cybersecurity. Cloud Computing Risk Assessment. ENISA, 2009.
  • [2]. Google Cloud. Google Cloud Security Whitepaper. Google LLC, 2018.
  • [3]. R. Kishnan, Security and Privacy in Cloud Computing, Masters Theses, 919., 2017.
  • [4]. National Institute of Standards and Technology, Framework for Improving Critical Infrastructure Cybersecurity. NIST, 2018.
  • [5]. PCI Security Standards Council. PCI DSS (Payment Card Industry Data Security Standard) v3.2.1. PCI SSC, 2018.
  • [6]. Rhoton, John, "Cloud Computing Security: Foundations and Challenges," CRC Press, 2016.
  • [7]. U.S. Congress. Health Information Technology for Economic and Clinical Health (HITECH) Act. Public Law 111-5, 2009.
  • [8]. U.S. Department of Health and Human Services. Privacy Rule Introduction. 45 CFR Parts 160, 162, and 164, 2015.
  • [9]. Subashini, S., and V. Kavitha. "A Survey on Security Issues in Service Delivery Models of Cloud Computing." Journal of Network and Computer Applications 34, no. 1, pp. 1-11, 2011.
  • [10]. Zissis, Dimitrios, and Dimitrios Lekkas. "Addressing Cloud Computing Security Issues." Future Generation Computer Systems 28, no. 3, pp. 583-592, 2012.
  • [11]. Takabi, Hassan, James B. D. Joshi, and Gail-Joon Ahn. "Security and Privacy Challenges in Cloud Computing Environments." IEEE Security & Privacy 8, no. 6, pp. 24-31, 2010.
  • [12]. Pearson, Siani, and Azzedine Benameur. "Privacy, Security and Trust Issues Arising from Cloud Computing." In 2010 IEEE Second International Conference on Cloud Computing Technology and Science, 693-702.
  • [13]. Popovic, Kresimir, and Zeljko Hocenski. "Cloud Computing Security Issues and Challenges." In 2010 Proceedings of the 33rd International Convention MIPRO, 344-349.
  • [14]. Jansen, Wayne, and Timothy Grance. Guidelines on Security and Privacy in Public Cloud Computing. NIST Special Publication, pp. 800-144, 2011.