
# Trillo Security and Compliance on Google Cloud


**Introduction**

* **Shift in Customer Focus:** Trillo customers are increasingly prioritizing security alongside cost-effectiveness. We recognize this need and have made security a core focus in delivering our solutions.
* **Google's Security Foundation:** By building on Google Cloud Platform (GCP), we leverage Google's rigorous security standards and infrastructure.
* **Our Commitment:** Security is deeply embedded in our company culture, development processes, and cloud operations. This document outlines our approach to protecting your data within the GCP environment.
* **Compliance Note:** For details on GCP compliance certifications, please visit \[link to relevant Google Cloud compliance page].

**Security Culture**

* **Dedicated Teams:** Trillo maintains dedicated security and privacy teams. They proactively guide the design and execution of our security practices throughout our applications and operations.

**Operational Security**

* **Vulnerability Management:** We employ multiple tools and processes (commercial, custom-built, penetration testing) to continuously scan for vulnerabilities. Identified issues are prioritized and assigned for rapid remediation.
* **Monitoring:** We utilize GCP monitoring tools with a focus on application activity, user actions, and external threat intelligence to track potential security concerns.
* **Incident Management:** We follow Google Cloud incident management procedures, providing clear escalation paths and a 24/7 response team to ensure swift resolution of security events.

**Organizational Policies**

We recommend implementing the following Organization Policies for enhanced control:

* **Skip default network creation:** Enforces custom networking design for security.
* **Define allowed external IPs for VM instances:** Limits exposure.
* **Domain restricted sharing constraint:** Controls data sharing practices.
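
The three recommendations above correspond to Google Cloud Organization Policy constraints. The following is an added example, not Trillo's own configuration: it shows each constraint as an Organization Policy (v2) document, and `ORG_ID`, `PROJECT_ID`, `ZONE`, `INSTANCE_NAME` and `CUSTOMER_ID` are placeholders to replace with your own values.

```yaml
# Added example. Save each document as its own file and apply it with:
#   gcloud org-policies set-policy <file>.yaml
# ORG_ID, PROJECT_ID, ZONE, INSTANCE_NAME and CUSTOMER_ID are placeholders.

# skip-default-network.yaml
# Boolean constraint: new projects are created without the "default" VPC
# network and its pre-populated firewall rules.
name: organizations/ORG_ID/policies/compute.skipDefaultNetworkCreation
spec:
  rules:
  - enforce: true
---
# vm-external-ip.yaml
# List constraint: only the listed VM instances may be given an external IP.
# To forbid external IPs on every VM, replace the "values" block with
# "denyAll: true".
name: organizations/ORG_ID/policies/compute.vmExternalIpAccess
spec:
  rules:
  - values:
      allowedValues:
      - projects/PROJECT_ID/zones/ZONE/instances/INSTANCE_NAME
---
# domain-restricted-sharing.yaml
# List constraint: IAM policies may only grant roles to principals that
# belong to the listed Google Workspace / Cloud Identity customer IDs.
name: organizations/ORG_ID/policies/iam.allowedPolicyMemberDomains
spec:
  rules:
  - values:
      allowedValues:
      - CUSTOMER_ID
```

After applying, `gcloud org-policies describe <constraint> --organization=ORG_ID` shows the policy in force for each constraint.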

**Network Security**

* **Best Practices:** Trillo adheres to GCP network security guidelines including Shared VPC, secure hybrid connectivity, and well-defined ingress/egress controls for your workloads.

**Security Command Center**

* **Centralized Visibility:** We utilize Security Command Center to monitor cloud assets, detect threats, and manage access rights – safeguarding your sensitive data.

**Access Management**

* **Customer Data Ownership:** We unequivocally affirm that your data is yours. Trillo does not access or use it for purposes beyond providing our services.
* **Administrative Access:** Trillo strictly limits internal access to customer data on a need-to-know basis, adhering to the principle of least privilege.
* **Customer Admin Control:** Your team maintains full control over administrative roles and permissions within your GCP environment.

**Identity Management**

* **Best Practices:** We assist in mapping your existing identity provider to Google Cloud Identity services for seamless integration.
* **Principle of Least Privilege:** Trillo champions this approach to minimize risk and grant only necessary access levels to users.
* **\[Guidance]:** Provide step-wise guidance or link to resources on utilizing RBAC and Google Groups for efficient access management

**Encryption**

* **Data in Transit:** Trillo uses strong encryption protocols (TLS) across connections and offers optional Cloud VPN for added transport-level security.
* **Data at Rest:** We leverage GCP's built-in encryption and augment it with Trillo's custom encryption for sensitive user data.

**Availability**

* **High Redundancy:** Trillo's architecture prioritizes redundancy across servers, storage, networking, and software to minimize single points of failure.
* **Resilience:** We design for graceful error handling and real-time incident notifications for rapid response and minimal downtime.

**Regulatory Compliance**

* **Meeting Your Needs:** Trillo understands your compliance requirements. We rely on GCP's robust compliance certifications, \[link to relevant Google Cloud compliance page].

**Contact Us**

For any further questions about Trillo's security practices on Google Cloud, please reach out to <info@trillo.io>.

