During my interaction with customers and partners, best practice and guidance always been asked by them. Best practices guides provide specific, informed guidance on helping secure Google Cloud deployments and describe recommended configurations, architectures, suggested settings, and other operational advice.
This is one of the most comprehensive guide to ensure Security is properly implemented in your Google Cloud environment: https://services.google.com/fh/files/misc/google-cloud-security-foundations-guide.pdf
These are some materials that you can refer:
- Google Cloud security foundations blueprint guide.
This comprehensive guide helps you build security into your Google Cloud deployments. It covers organization structure, authentication and authorization, resource hierarchy, networking, logging, detective controls, and more
Read the updated whitepaper
- Best practices for enterprise organizations.
This high-level guide helps enterprise architects and technology stakeholders understand the scope of security activities on Google Cloud and plan accordingly. It provides key actions to take and includes links for further reading.
- Architecture center: security and compliance.
Access our complete catalogue of security and compliance reference architectures, guidance, and best practices for building or migrating your workloads on Google Cloud.
Other than guidance above, these are great guidelines regarding security products at Google Cloud:
Best practices for cloud security products:
1. Secured Data Warehouse security blueprint
Learn about and deploy key security best practices for BigQuery across data ingestion, storage, processing, classification, encryption, logging, monitoring and governance.
2. AI Platform Notebooks security blueprint
Learn best practices for protecting confidential data in your AI Platform Notebooks, extending your data governance practices and protecting your data from exfiltration.
3. Container security best practices
Learn about securing containers by reading our “Exploring container security” blog series.
4. DDoS protection and mitigation on Google Cloud
This guide contains best practices for helping to protect against and mitigate denial of service (DoS) attacks for your Google Cloud deployment.
5. How to best use Microsoft AD with Google Cloud
Learn the best practices related to networking, hybrid connectivity, security, and management when running Active Directory on and with Google Cloud.
6. Best practices for Identity and Access Management
These guides outline some of the best practices for using Cloud Identity & Access Management (IAM) to manage identities and permissions for your organization.
Learn best practices for planning accounts and organizations
Learn best practices for federating Google Cloud with an external identity provider
7. Security best practice checklists
Learn more about Google Workspace and Cloud Identity security best practices with these checklists for small, medium, and large businesses.