GCP Data Access Policy

Our Information Security approach revolves around minimizing and protecting the data we need access to:

  • We use a least-privilege approach to gain access to cloud cost & usage, billing metadata on a non-intrusive basis.  
  • We operate in a way that makes it easy to isolate and audit what we’re doing.
  • We do not need access to the data within your cloud accounts/projects, or the ability to affect technical operation or configuration of your cloud services.

We combine policies, procedures and technical controls to ensure a consistently robust approach is maintained through our people and technology. We adhere to industry-recognized standards such as ISO 27001 and ISO 9001. Security obligations are reflected in our contractual agreements with customers, cloud vendors, suppliers and partners.

Data Access

We will only ever request access to, and store, the minimum information we need. This varies by cloud provider and for:

  • Potential customers using our Savings Review to evaluate our service.
  • Customers using our rate optimization services to reduce their cloud spend.
  • Customers who also use us as their cloud reseller.

Data Approach

Data Security approach

At Strategic Blue we control access internally through a number of role-based access roles. This ensures that we as a company, and our staff as individuals, have only the minimum access required to deliver our value. We enforce security through multiple technical controls, ensuring that only the necessary access is granted based on job roles.

Staff members have specific role-based permissions that define the actions they can perform.

  • Billing Administrator (establish the viewer role and grant access): Technical Account Managers
  • Billing Viewer: Account Managers, Technical Account Managers, Portfolio Management Team, Finance Team
  • Billing Operator (selection and purchase of committed use discounts): Portfolio Management Team 

Data required when evaluating our service

Our Google Savings Review provides an assessment of your current Google rate optimization approach based on read-only access to your Billing ID (i.e. Billing Viewer access).

This access is restricted to billing information; we cannot review your usage.

Data required as a rate optimization customer and reseller

The access needed to deliver our rate optimization services is limited to billing and commitment information: 

  • We will be the Billing Owner, as we provide the Billing Account.
  • To identify and provide recommendations for cost optimization we also require:
    • Billing Account Usage commitment recommender administrator
    • Spend Based commitment recommender administrator

We do not have access to your projects, or any of the data within the projects.

Data Access FAQs

Do you have access to my systems and data as a Google reseller?

No. We only have access to the billing meta-data, with no access to any usage data.

Do you have access to the IP address information of my servers?

We have no access to IP addresses or server names, unless, contrary to best practice, you have chosen to include it within cost tags. We have no access to VPC and subnet information, nor any access to data flow logs and information.

How do you control who has access to my data?

Staff have very limited access to client information beyond the monthly cloud spend, which is managed by the Finance team for billing purposes, and the recommendations report, which is managed by the Account management team. Access to systems and file shares is managed on a ‘need to know’ basis.

Can you give examples of how you adhere to privacy legislation, i.e. GDPR?

Our sales & marketing team holds (potential) customer information for the purposes of information updates & sales, which is handled appropriately with the required opt-out options. 

Our Account management team holds and maintains basic customer information (name, email, job title) as required to contact you to perform our business function. 

We do not have any access to any of your customer information. 

Can you create a project on my behalf?

By default we recommend that you create and manage your own Google Organisation and Projects. We will provide Billing Account information to route the invoice flow through Strategic Blue.

For testing purposes, we can create projects for you to use as sandpit spaces for initial testing, but as the Google project creators we automatically have Project Owner access, and therefore rights to the data within a project.