Data within the Data Ocean is stored within two fully managed services on Google Cloud Platform.
Google Cloud Storage is used as the primary staging area for data being received from various source applications. Once data is loaded into Cloud Storage, it is then loaded into BigQuery in a raw state and then transformed and loaded into the Operational Data Store (ODS) dataset.
The data that transits into both Cloud Storage and BigQuery all passes over Google's Public API's. Information concerning the security can be referenced here: https://cloud.google.com/docs/security/encryption-in-transit#cio-level_summary
All data loaded into Data Ocean ultimately arrives over TCP (HTTPS) over TLS, and any other further actions or transformations performed on the data are under the same security restrictions. For any data stored on Google Cloud Storage or Google BigQuery, the data is encrypted at rest using Google's default encryption. At the moment Solvay does not used Customer Supplied Encryption Keys.
There is no end user (business user) access directly to data stored within the Data Ocean GCP Projects. Data within the Data Ocean that is exposed to business users and applications is done through Product GCP Projects. If possible the data will be exposed in the form of Authorized Views.
The current configuration of Google Cloud Platform resembles this
