Tag Archives: google cloud

How we’re collaborating with Citrix to deliver cloud-based desktop apps

Businesses of all types are accelerating their transition to the cloud, and for many, desktop infrastructure and applications are part of this journey. Customers often tell us they want to be able to use their current desktop applications from any device and any place just as easily and securely as they can use G Suite.

That’s why today, we’re announcing a collaboration with Citrix to help deliver desktop applications running in a cloud-hosted environment.

Managing and delivering hosted desktop applications requires several pieces of technology: Google brings highly scalable and reliable infrastructure, a global network to reach customers and employees wherever they may be, and a team of security engineers who work to keep Google Cloud customers secure. Citrix brings the application management, backup and redundancy from XenApp, its desktop virtualization suite, and application delivery with Netscaler. Finally, Google Chromebooks and Android devices together with Citrix XenApp offer a highly secure, managed end-point that provide users a safe and user friendly experience on which to use applications.

All this requires close partnership and excellence in engineering. Google and Citrix have collaborated for years and we're expanding that relationship today in a few key ways:

  • Simplifying the path for customers to more securely transition to the cloud by bringing Citrix Cloud to Google Cloud Platform (GCP)

  • Bringing the application load balancing expertise of Netscaler to the world of containers via Netscaler CPX on GCP

  • Integrating Sharefile with G Suite to use Gmail and edit and store Google Docs natively.

  • Expanding use of secure devices with Citrix Receiver for Chrome and Android link

This collaboration helps address key challenges faced by enterprises moving to the cloud quickly and securely. Both Google and Citrix look forward to making our products work together and to delivering a great combined experience for our customers.

Source: Google Cloud


Announcing the winners of our Machine Learning Startup Competition

ML_hero

On Wednesday, July 12, Google Cloud hosted the finals of its Machine Learning Startup Competition in San Francisco. Launched at Google Cloud Next ’17 with our sponsors Data Collective and Emergence Capital, the competition aimed to bring together the best early-stage startups implementing machine learning. According to Fei-Fei Li, Google Cloud Chief Scientist of AI/ML, “AI will change the way we live and work and it’s happening at a faster pace than most people think.” We received more than 350 applications from startups across the U.S. that are leveraging machine learning to improve healthcare, financial services, retail, IoT and many other sectors.

From this strong group, 10 finalists were selected to compete for investments and the “Built with Google” grand prize of $1 million GCP credits:

ml-comp-logos-2

At the event, finalists took the stage to share their technology and vision with our expert judges.

Finalists had just three minutes to pitch and three minutes of Q&A to convince the judges.  They also spoke to an audience of investors representing  over 40 of Silicon Valley’s top venture firms.

After careful deliberation and debate, judges selected the following winners:

Built with Google — Grand Prize Winner ($1M in GCP Credit) — PicnicHealth

PicnicHealth creates training data for precision medicine. By engaging patients directly they provide life sciences studies with complete, structured outcomes data for any patient, from any source. To date, PicnicHealth has collected and structured 500,000 records from 5,000 different health care facilities. Their current customers include 23andMe, the National Institute of Health, Stanford, Sanofi Genzyme, and Biogen. Already leveraging Google Container Engine (GKE) and BigQuery, they plan to use the $1M in GCP credit to scale their machine learning efforts on Cloud Machine Learning Engine, Cloud Vision API, and Genomics API.

ML_3
Congrats to the PicnicHealth Team

Built with Google Prize, Runner-Up ($500K in GCP Credit) - LiftIgniter

LiftIgniter is a machine learning personalization layer powering user interactions on every digital touchpoint. Built by the team behind YouTube’s recommendation algorithm, LiftIgniter runs their full stack on GCP. LiftIgniter’s customers include Vevo, Fandom, and Tableau.

ML_4
Adam Spector accepting LiftIgniter award

In addition, Data Collective and Emergence Capital selected two startups that are eligible to receive an investment of up to $500,000:

Data Collective Choice Winner — Brainspec

Emergence Capital Choice Winner — LiftIgniter

All remaining finalists will receive $200K in GCP credits and technical assistance from Google Cloud to support the next stages of their companies. We want to thank our sponsoring venture capital sponsors, DCVC and Emergence Capital, and our supporting sponsors A16Z, Greylock, KPCB, GV, NEA, Sequoia.

A special thanks to all the startups who traveled many miles and spent countless hours preparing to participate in the competition.

The competition is just one of the many ways Google is focusing on machine learning and startups. Gradient Ventures recently launched to fund early-stage startups focused on artificial intelligence.

For more information on the Google Cloud Startup Program, check out our website.

Source: Google Cloud


Manage access to third-party apps with new G Suite security controls

Protecting your organization’s most sensitive data and assets is a constant challenge. G Suite helps protect your data in a number of ways: thwarting attackers with advanced phishing detection through machine learning, mandating strong authentication with security key enforcement and preventing data leakage through tools such as DLP.

Today, we're adding another security feature that improves data access control and enhances phishing prevention—OAuth apps whitelisting, giving your organization added visibility and control into how third-party applications are using your data.

New third-party application access controls

OAuth apps whitelisting helps keep your data safe by letting admins specifically select which third-party apps are allowed to access users’ G Suite data. Once an app is part of a whitelist, users can choose to grant authorized access to their G Suite apps data. This prevents malicious apps from tricking users into accidentally granting access to their corporate data.

OAuth Security GIF

With these new security controls, an admin can:

1. Get fine-grained visibility into the third-party apps that are accessing G Suite data.

OAuth Still 1
G Suite Admin console

2. Allow access to only trusted and vetted third-party OAuth apps.

OAuth Still 2

3. Guard OAuth access to core G Suite apps data by preventing unauthorized app installs, thus limiting the problems caused by shadow IT.

OAuth Still 3

Once the OAuth whitelisting settings are in place, access to third-party apps is enforced based on the policy set by admins, and employees are automatically protected against unauthorized apps.

Enable OAuth Apps Whitelisting for your domain

This feature is being rolled out in phases and will be made available within the Admin console in next few days. Check out instructions on how to get started here. And if you’re interested in learning more about how your business can collaborate, store and communicate securely in G Suite, visit the G Suite Security page.

How Virtru for G Suite lets you share sensitive business information and stay compliant

If you work in a regulated industry like healthcare, legal or finance, you might be familiar with regulations relating to HIPAA, CJIS and CFPB, and understand how important it is to protect sensitive data. In order to help you meet your obligations, you might need specific tools.

Gmail already offers world-class security protections like encryption through Transport Layer Security (TLS), but Virtru for G Suite is a simple way to help dually secure proprietary information included in your email communications. Virtru integrates client-side encryption directly into Gmail and G Suite, so you don’t have to worry about your emails or attachments falling into the wrong hands.

Using G Suite and Virtru, you can:

  • More securely send proprietary information via Gmail.
  • Create custom data loss prevention rules to detect and encrypt users’ sensitive information before it leaves your inbox.
  • Manage who can access what content and for how long (including third-parties), set expiration dates for emails and attachments and control forwarding on all messages.
  • Help your business meet regulatory requirements for email encryption, data security, privacy and data residency.

Why Premier Healthcare Services chose Virtru for G Suite

Premier Healthcare Services is a provider of skilled and unskilled in-home health services. The company uses Virtru for G Suite to securely send sensitive client information, and chose the encryption service because it was easy to install and intuitive to use for anyone familiar with Gmail.

Using Virtru for G Suite, Premier Health administrators can revoke access, manage forwarding and watermarking of attachments, and control access to documents and their expiration. Premier Health IT administrators can also set data loss prevention (DLP) rules to encrypt data  to help employees remain HIPAA compliant, even when they share information with parties outside of their domain.

To stay on top of their data security, they can also monitor a variety of activities within the Virtru Admin Dashboard, like when and where emails are forwarded and when DLP rules are triggered.

To learn how your business can use Virtru for G Suite to protect sensitive information in Gmail, register to attend this free webinar on July 11, 2017 at 10 a.m. PT / 1 p.m. ET.

Source: Gmail Blog


Nutanix and Google Cloud team up to simplify hybrid cloud

Today, we’re announcing a strategic partnership with Nutanix to help remove friction from hybrid cloud deployments for enterprises. We often hear from our customers that they’re looking for solutions to deploy workloads on premises and in the public cloud.

Benefits of a hybrid cloud approach include the ability to run applications and services, either as connected or disconnected, across clouds. Many customers are adopting hybrid cloud strategies so that their developer teams can release software quickly and target the best cloud environment for their application. However, applications that span both infrastructures can introduce challenges. Examples include difficulty migrating workloads such as dev-testing that need portability and managing across different virtualization and infrastructure environments.

Instead of taking a single approach to these challenges, we prefer to collaborate with partners and meet customers where they are. We're working with Nutanix on several initiatives, including:

  • Easing hybrid operations by automating provisioning and lifecycle management of applications across Nutanix and Google Cloud Platform (GCP) using the Nutanix Calm solution. This provides a single control plane to enable workload management across a hybrid cloud environment.

  • Bringing Nutanix Xi Cloud Services to GCP. This new hybrid cloud offering will let enterprise customers leverage services such as Disaster Recovery to effortlessly extend their on-premise datacenter environments into the cloud.

  • Enabling Nutanix Enterprise Cloud OS support for hybrid Kubernetes environments running Google Container Engine in the cloud and a Kubernetes cluster on Nutanix on-premises. Through this, customers will be able to deploy portable application blueprints that target both an on-premises Nutanix footprint as well as GCP.

In addition, we’re also collaborating on IoT edge computing use-cases. For example, customers training TensorFlow machine learning models in the cloud can run them on the edge on Nutanix and analyze the processed data on GCP.

We’re excited about this partnership as it addresses some of the key challenges faced by enterprises running hybrid clouds. Both Google and Nutanix are looking forward to making our products work together and to the experience we'll deliver together for our customers.

Source: Google Cloud


The SAP-Google data custodian partnership

In March of this year, SAP and Google partnered to advance innovation, agility and global reach for enterprises adopting the public cloud. As part of our collaborative development and solutions integration, we are working on a data custodian model that allows customers with specific needs to manage sensitive data on a public cloud platform.

To fully benefit from cloud computing, enterprises need to store and process their sensitive data on public cloud platforms, while complying with regulations and managing unauthorized access risks. Enterprises often need to address these requirements as part of a broader governance, risk and compliance solution for the public cloud. 

The data custodian model

Google Cloud Platform (GCP) already offers robust security capabilities and extensive compliance with public cloud security and privacy standards. To further increase customer trust, the data custodian model allows SAP, a trusted enterprise solution provider, to act as the custodian of the customer’s data on GCP. This provides greater transparency and separation of controls.

With the data custodian model, we envision enterprises defining a set of controls about how they want to handle their data on GCP, then relying on SAP, as the data custodian, to continuously monitor compliance to these controls and manage exceptions as needed. A current focus is on data access transparency for GCP services that store or process customer data. In the coming months, SAP and Google will continue to work together to enable custodian oversight and control over handling customer data on GCP. 

What are the benefits for customers?

Enterprises can benefit from the data custodian model in several ways. They can leverage SAP’s deep knowledge of GCP’s security approach, controls and workflows instead of building that expertise in-house. With SAP as a data custodian, customers have additional confidence that their data is accessed and stored in compliance with their defined data sovereignty, privacy and protection policies.

In addition, with this partnership, SAP and Google are extending and integrating their product portfolios, including GCP and G Suite to provide even greater value to customers. Look to SAP and Google to continue to collaborate on solutions like the data custodian model to enable the next generation of digital services.

The SAP-Google data custodian partnership

In March of this year, SAP and Google partnered to advance innovation, agility and global reach for enterprises adopting the public cloud. As part of our collaborative development and solutions integration, we are working on a data custodian model that allows customers with specific needs to manage sensitive data on a public cloud platform.

To fully benefit from cloud computing, enterprises need to store and process their sensitive data on public cloud platforms, while complying with regulations and managing unauthorized access risks. Enterprises often need to address these requirements as part of a broader governance, risk and compliance solution for the public cloud. 

The data custodian model

Google Cloud Platform (GCP) already offers robust security capabilities and extensive compliance with public cloud security and privacy standards. To further increase customer trust, the data custodian model allows SAP, a trusted enterprise solution provider, to act as the custodian of the customer’s data on GCP. This provides greater transparency and separation of controls.

With the data custodian model, we envision enterprises defining a set of controls about how they want to handle their data on GCP, then relying on SAP, as the data custodian, to continuously monitor compliance to these controls and manage exceptions as needed. A current focus is on data access transparency for GCP services that store or process customer data. In the coming months, SAP and Google will continue to work together to enable custodian oversight and control over handling customer data on GCP. 

What are the benefits for customers?

Enterprises can benefit from the data custodian model in several ways. They can leverage SAP’s deep knowledge of GCP’s security approach, controls and workflows instead of building that expertise in-house. With SAP as a data custodian, customers have additional confidence that their data is accessed and stored in compliance with their defined data sovereignty, privacy and protection policies.

In addition, with this partnership, SAP and Google are extending and integrating their product portfolios, including GCP and G Suite to provide even greater value to customers. Look to SAP and Google to continue to collaborate on solutions like the data custodian model to enable the next generation of digital services.

Source: Google Cloud


How The New York Times used the Google Sheets API to report congressional votes in real time

There’s a common phrase among reporters: “The news never sleeps.” This is why many news outlets rely on cloud-based productivity tools like Google Docs and Sheets to share information, check facts and collaborate in real time. And The New York Times is no exception.

In May 2017, the U.S. House of Representatives voted on a new health care law affecting millions of Americans. To report the news as fast as possible, The Times’ editorial team used Sheets to tally and display House votes in real time on NYTimes.com.


Engaging voters with the Sheets API

“People want to feel connected to the decisions their legislators make as soon as they make them,” said Tom Giratikanon,  a graphics editor at The Times. But rules in the House chamber make reporting on how every representative votes in real time difficult. Photography is restricted on the assembly floor, and there is a delay until all votes are displayed on the House website—a process that can sometimes take up to an hour.

To get around this lag, Giratikanon’s team used the Google Sheets API. The editorial team dispatched reporters to the chamber where they entered votes into a Google Sheet as they were shown on the vote boards. The sheet then auto-populated NYTimes.com using the Sheets API integration.

Says Giratikanon: “It’s easy to feel like decisions are veiled in the political process. Technology is a powerful way to bridge that gap. Sharing news immediately empowers our readers.”

It’s easy to feel like decisions are veiled in the political process. Technology is a powerful way to bridge that gap. Tom Giratikanon Graphics Editor, The New York Times
House votes

How it worked

To prep, Giratikanon tested the Sheets integration ahead of the House vote. He created a sheet listing the names of legislators in advance, so his team could avoid typos when entering data on the day of the vote. Next, he set up the Sheet to include qualifiers. A simple “Y” or “N” indicated “yes” and “no” votes.

After a few practice rounds, Giratikanon’s team realized they could add even more qualifiers to better inform readers–like flagging outlier votes and reporting on votes by party (i.e., Democrats vs. Republicans). The editorial team researched how each of the 431 legislators were expected to vote in advance. They created a rule in Sheets to automatically highlight surprises. If a legislator went against the grain, the sheet highlighted the cell in yellow and the editorial team fact-checked the original vote to reflect this in the article. Giratikanon also set up a rule to note votes by party.

As a result, The Times, which has roughly 2 million digital-only subscribers, beat the House website, reporting the new healthcare bill results and informing readers who were eager to follow how their legislator voted. 

NYT GIF

Try G Suite APIs today 

You can use Sheets and other G Suite products to help speed up real-time reporting, no matter the industry. Get started using the Sheets API today or check out other G Suite APIs, like the Slides API, Gmail API or Calendar API.

Source: Google Cloud


How The New York Times used the Google Sheets API to report congressional votes in real time

There’s a common phrase among reporters: “The news never sleeps.” This is why many news outlets rely on cloud-based productivity tools like Google Docs and Sheets to share information, check facts and collaborate in real time. And The New York Times is no exception.

In May 2017, the U.S. House of Representatives voted on a new health care law affecting millions of Americans. To report the news as fast as possible, The Times’ editorial team used Sheets to tally and display House votes in real time on NYTimes.com.


Engaging voters with the Sheets API

“People want to feel connected to the decisions their legislators make as soon as they make them,” said Tom Giratikanon,  a graphics editor at The Times. But rules in the House chamber make reporting on how every representative votes in real time difficult. Photography is restricted on the assembly floor, and there is a delay until all votes are displayed on the House website—a process that can sometimes take up to an hour.

To get around this lag, Giratikanon’s team used the Google Sheets API. The editorial team dispatched reporters to the chamber where they entered votes into a Google Sheet as they were shown on the vote boards. The sheet then auto-populated NYTimes.com using the Sheets API integration.

Says Giratikanon: “It’s easy to feel like decisions are veiled in the political process. Technology is a powerful way to bridge that gap. Sharing news immediately empowers our readers.”

It’s easy to feel like decisions are veiled in the political process. Technology is a powerful way to bridge that gap. Tom Giratikanon Graphics Editor, The New York Times
House votes

How it worked

To prep, Giratikanon tested the Sheets integration ahead of the House vote. He created a sheet listing the names of legislators in advance, so his team could avoid typos when entering data on the day of the vote. Next, he set up the Sheet to include qualifiers. A simple “Y” or “N” indicated “yes” and “no” votes.

After a few practice rounds, Giratikanon’s team realized they could add even more qualifiers to better inform readers–like flagging outlier votes and reporting on votes by party (i.e., Democrats vs. Republicans). The editorial team researched how each of the 431 legislators were expected to vote in advance. They created a rule in Sheets to automatically highlight surprises. If a legislator went against the grain, the sheet highlighted the cell in yellow and the editorial team fact-checked the original vote to reflect this in the article. Giratikanon also set up a rule to note votes by party.

As a result, The Times, which has roughly 2 million digital-only subscribers, beat the House website, reporting the new healthcare bill results and informing readers who were eager to follow how their legislator voted. 

NYT GIF

Try G Suite APIs today 

You can use Sheets and other G Suite products to help speed up real-time reporting, no matter the industry. Get started using the Sheets API today or check out other G Suite APIs, like the Slides API, Gmail API or Calendar API.

How to use BeyondCorp to ditch your VPN, improve security and go to the cloud

The BeyondCorp security engineering team at Google just announced their fourth research paper: Migrating to BeyondCorp: Maintaining Productivity While Improving Security.

For those that aren’t familiar with it, BeyondCorp is a security approach used by Google that allows employees to work from anywhere, quickly and easily.

This is easier said than done. In 2010, we undertook a massive project to rethink how to provide employees with secure remote access to applications: We moved away from our corporate VPN, and introduced BeyondCorp, a zero-trust network security model.

With BeyondCorp, we no longer have a binary access model, where you are either inside the whole corporate network, with all the access that allows, or outside and completely locked out of applications. Our new approach provides a better, more convenient, and less risky way: access to individual services as you need them, based on who you are and what machine you're using.

While BeyondCorp makes applications easily accessible from anywhere, it also improves security in other ways. Over the course of the migration we’ve discovered services that we thought were long dead, because this change required taking a detailed look at our traffic, our dependencies and our employee usage patterns. It’s also allowed us to scale globally while reducing our attack surface, and increased our ability to provide access when appropriate.

This March, we began offering elements of BeyondCorp to other organizations, in the form of Cloud Identity-Aware Proxy (IAP). Already, Cloud IAP has helped Google Cloud customers put fine-grained access controls on their critical internal services and applications based on region, time, role or group. More importantly, Cloud IAP removes obstacles to getting work done. Authorized employees get in, wherever they are, and do their job, or Cloud IAP blocks them, because they aren’t supposed to have access.

BeyondCorp: a work in progress

At Google, we’ve been on our BeyondCorp journey for several years, gradually shifting more of our traffic and services away from a segmented, privileged corporate network and onto the public internet and cloud.

You may be wondering how to move to a similar model. What do you need to do? What's the potential impact on your company and your employees?  The latest installment of our research paper describes how we kept people productive at Google while shifting our security model. It covers:

  • The process of migrating individuals to our non-privileged network

  • How we supported the effort through our TechStop infrastructure (local and remote service desks)

  • How to handle edge cases

  • Diagnostic tools to troubleshoot access denials

  • The importance of self-service documentation

  • Why to run a publicity campaign about the project.

In the end, we moved to this new system successfully by breaking up the work into discrete chunks, parallelizing as much as possible, and focusing on the end-user experience. To learn more about the BeyondCorp approach and determine whether it’s the right fit for your business, read all four public research papers:

  1. BeyondCorp: A New Approach to Enterprise Security

  2. BeyondCorp: Design to Deployment at Google

  3. Beyond Corp: The Access Proxy

  4. Migrating to BeyondCorp: Maintaining Productivity While Improving Security

And to discuss whether BeyondCorp and Cloud Identity-Aware Proxy are right for your business, give us a shout—we’d love to hear from you.