Compliance isn’t a one-time goal; it’s an ongoing process. As your organization and the regulatory environment evolve, so too does Assured Workloads. Here are the latest additions to our portfolio of software-defined controls and policies that can make supporting your compliance requirements easier on Google Cloud.
Introducing Compliance Updates
An Assured Workloads control package is a set of software-defined controls that support a compliance standard or regulation. These packages may include mechanisms to enforce data residency, data sovereignty, personnel access restrictions, and more, depending on the particular statute’s control objectives.
To give customers flexibility in configuring their cloud estate, Assured Workloads controls are applied at the folder level of the Google Cloud resource hierarchy. We regularly update Assured Workloads control packages with new settings and general improvements based on the evolution of Google Cloud’s platform services and infrastructure.
The new Compliance Updates feature, currently in preview, allows you to evaluate if your current Assured Workloads folder configuration differs from the latest available configuration, and can enable you to upgrade previously-created AW folders to the latest version.
Customers can enable Compliance Updates via the console or API. We highly recommend customers turn on updates now to ensure you are taking advantage of the latest versions of our control packages.
Expanding Regional Controls
Building on our preview announcement, we’re excited to announce the expansion of Regional Controls packages for Assured Workloads. Regional Controls are now generally available in more than 30 Google Cloud regions and more than 20 countries.
Regional Controls are suitable for global organizations of all sizes seeking a secure and compliant cloud platform baseline to build upon while managing their data residency and compliance requirements cost-effectively.
Expanding supported services
Assured Workloads Regional Controls
We know that providing granular control over data residency and access through Regional Controls is crucial for our customers. We are pleased to announce that Regional Controls now supports over 50 of the most popular Google Cloud services (45% more than last year) and we remain committed to rapidly-expanding the list of supported services.
FedRAMP service expansion
Google Cloud’s commitment to empower federal agencies with advanced technology also reached a significant milestone with the addition of more than 100 new FedRAMP High authorized cloud services delivered through Assured Workloads compliance control packages. This includes several Vertex AI services, Cloud Build and Cloud Run, Cloud Filestore, as well as powerful security controls on our secure-by-design, secure-by-default cloud platform such as VPC Service Controls, Cloud Armor, Cloud Load Balancing services, and reCAPTCHA.
New Sovereign Controls by Partners
Google Cloud is committed to working with local, trusted partners to help our customers around the world meet digital sovereignty requirements. Italian organizations are accelerating their adoption of cloud technologies and artificial intelligence (AI) but need to maintain strict control over data and adhere to local regulations.
We recently announced the general availability of Sovereign Controls by PSN, a new Sovereign Controls by Partners control package in collaboration with our partners Polo Strategico Nazionale S.p.A. (“Telecom Italia”). Sovereign Controls by PSN is specifically designed for the Italian public sector, providing the tools, features, and technological controls to secure the sensitive workloads of the Italian government.
Get started with Assured Workloads today
We continue to work to provide you with the controls and capabilities you need to meet a diverse set of regulatory, compliance, and sovereignty needs.
Learn more about Assured Workloads and take advantage of our free trial program to check out our premium compliance offerings at no additional cost for a limited time.