Securing your Google Cloud Platform (GCP) environment requires addressing what your identities are permitted to do; Understanding who and what has access to your data; Enforcing organization-wide controls; Protecting your GCP organization by implementing applicable security controls and protecting your workloads deployed on GCP. You need to understand your security baseline for your cloud organization, but how?
This checklist helps you set up basic security to reduce risk in your Google Cloud environment. The checklist is designed for security administrators who are trusted with complete control over the company’s Google Cloud resources.
The checklist consists of tasks that have step-by-step procedures. In general, we describe the way that will be helpful to the largest number of Google Cloud users. As you go through the security checklist, take into account your own business needs.
In our GCP Security Checklist, we share a list of identity, data and platform actions to help you:
- Use the principles of least privilege and least access in your GCP environment
- Review common areas of misconfiguration
- Take actions to secure data, identities, and platforms in your environment