Account level tools for GCP High Risk data accounts

GCP high risk data account level policies.

The following account-level constraints are provisioned in our GCP high risk accounts as part of our work with the RHEDCloud foundation for HIPAA class data (sensitive and restricted data). These policies are applied by default to all "high risk" accounts, and are in addition to the Organizational Policies for GCP High Risk data accounts.

Broadly, these tools are intended to:

  • Provide auditing and logging to the Cybersecurity Operations Center (CSOC) in conjunction with Security Command Center Premium monitoring and intrusion detection
  • Provide initial networking and a NAT Gateway

Additionally, the cloud team will be working to curate Terraform modules that implement best practices for certain service configurations:

  • Google Cloud Storage
  • Kubernetes
  • Web Hosting
  • BigQuery
  • Google Cloud Run

These modules do not replace the need to understand the services in use and the best practices under the Shared Responsibility Model for Cloud Platforms (GCP, AWS and Azure).

Should you need help with these modules or an exception to one of these policies, please contact the Public Cloud Team.

Keywords: GCP high risk data organizational policies restricted sensitive high-risk
Doc ID: 115325
Owner: Mike V.
Group: Public Cloud
Created: 2021-12-20 14:42 CDT
Updated: 2023-01-03 15:03 CDT
Sites: Public Cloud