An organization is migrating from their current on-premises productivity software systems to G Suite.
Some network security controls were in place that were mandated by a regulatory body in their region for their previous on-premises system.
The organization's risk team wants to ensure that network security controls are maintained and effective in G Suite.
A security architect supporting this migration has been asked to ensure that network security controls are in place as part of the new shared responsibility model between the organization and Google Cloud.
What solution would help meet the requirements?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
As the organization is migrating to G Suite, the security architect needs to ensure that network security controls are in place as part of the new shared responsibility model between the organization and Google Cloud. This means that both the organization and Google Cloud are responsible for maintaining the security of the system.
Option A suggests ensuring that firewall rules are in place to meet the required controls. While firewalls are an important security control, they alone may not be sufficient to meet the specific regulatory requirements. Furthermore, firewalls are typically a part of the organization's responsibility, not Google's responsibility as a cloud service provider.
Option B suggests setting up Cloud Armor to manage network security controls for G Suite. Cloud Armor is a DDoS and web application firewall service that allows organizations to create and apply security policies to their Google Cloud Platform resources. However, Cloud Armor may not be relevant to the specific regulatory requirements that the organization must comply with.
Option C suggests that network security is a built-in solution and Google's Cloud responsibility for SaaS products like G Suite. While it is true that Google Cloud is responsible for the security of the infrastructure and services that make up G Suite, the organization is still responsible for configuring and using G Suite securely in accordance with their regulatory requirements.
Option D suggests setting up an array of Virtual Private Cloud (VPC) networks to control network security as mandated by the relevant regulation. VPC networks are used to create private networks within the Google Cloud environment, providing additional security and isolation for resources. By creating multiple VPC networks, the organization can segment their network to meet regulatory requirements and control access to sensitive resources.
Overall, option D is the most appropriate solution as it suggests implementing VPC networks to control network security as mandated by the relevant regulation. This allows the organization to maintain their existing network security controls while also leveraging the security features and benefits of Google Cloud. It is important to note, however, that implementing VPC networks alone may not be sufficient to meet all regulatory requirements and additional security controls may be necessary.