Cloud Bigtable lifts SLA to 99.999% and adds new security features for regulated industries
Product Manager, Cloud Bigtable
Google Cloud database services provide a trusted platform for always-on applications with global reach and unlimited scale. Today, we are excited to announce that Bigtable joins Firestore and Cloud Spanner with an industry-leading 99.999% availability SLA. This new SLA builds on the new security features that we launched recently, Customer-managed encryption keys (CMEK) and Data Access audit logs, which give enterprises greater control over how their data is secured and more visibility into how their data is accessed.
Bigtable is Google Cloud’s fully-managed, high throughput, globally-distributed NoSQL database built for massive scale. With CMEK and Data Access audit logs, even the most security-conscious enterprises can now take full advantage of Bigtable’s performance and scalability benefits for big data use cases like personalization, consumer loan eligibility, and payment fraud and money laundering detection.
99.999% availability SLA for always-on applications
We’re pleased to announce that Bigtable instances with a multi-cluster routing policy across 3 or more regions are now covered by a 99.999% monthly uptime percentage under the new SLA.
Bigtable supports 99.99% monthly uptime percentage for all instances with a multi-cluster routing policy across less than 3 regions and 99.9% monthly uptime percentage for all instances with a Single-Cluster routing policy.
Advanced security with CMEK and Data Access Audit Logs for regulated industries
CMEK provides any Bigtable customer with the ability to create and manage Bigtable instances using Google Cloud Key Management (KMS) encryption keys to protect their data-at-rest. Google Cloud KMS is a cloud-hosted cryptographic key management service that lets administrators create, rotate, disable, and delete keys that encrypt data stored in GCP services like Bigtable.
Although Bigtable already provides encryption for data-at-rest using Google-managed encryption keys, customers in regulated industries must often manage their own encryption keys (and related business processes) to satisfy regulatory and compliance requirements that are unique to their industry. CMEK for Bigtable provides customers with the tools to do so.
CMEK for Bigtable is available in all Bigtable regions. For customers who would like to use Cloud HSM, Google’s cloud-hosted Hardware Security Module (HSM) service, in conjunction with Bigtable, they can do so in every region in which both Cloud HSM and Cloud KMS are available.
There are no additional costs to create a CMEK-protected Bigtable instance, however Cloud KMS key usage fees will apply. Please see the Cloud KMS pricing page for details.
Figure 1: A CMEK-Protected Bigtable Instance
The second new capability, Data Access audit logs for Bigtable, enables security administrators to answer the questions of "who did what, where, and when?" within their Bigtable resources. Data Access audit logs can help determine whether sensitive customer information has been accessed in the event of a security incident, and if so, when, and by whom. These new audit logs, like Bigtable Admin Activity audit logs, are now available in Cloud Audit Logs for viewing or for export to Google Cloud Storage, BigQuery, or Pub/Sub.
For more information about Bigtable Data Access audit logs, please visit our Bigtable Audit logging information page.
For more information about CMEK on Bigtable, including details about how important encryption key management operations work, please visit this page
Upcoming Webinar: Learn how Bigtable uniquely solves challenges of storing and retrieving data for use cases such as personalization, fintech, and digital media. Watch an end-to-end demo of how to create an instance, data replication, and seamless scaling to meet demand. Register here.