This Google Cloud Platform security best practice is part of the Business Continuity & Disaster Recovery security domain.
The local and remote site recovery of the security infrastructure and functionality is a required component of business continuity and disaster recovery planning and documentation.
If customer’s production environment is on-premises or on another cloud provider, Google Cloud Platform can be useful as a target for backups and archives. Using Carrier Interconnect, Direct Peering, and/or Compute Engine VPN, you can easily adapt the disaster recovery strategies to your own situation.
Means of standardization across virtual infrastructure for systems, supported OS types and patch levels logically segregated by tiers shall be implemented. An exception review process will be instituted to justify and allow any non-standard virtual deployments.
A Business Impact Analysis shall be developed to address cloud components and operations and their overall criticality and recovery requirements in maintaining business function.
Audit of all third party hosted systems to ensure that those assets are included in CMDB shall be conducted.