Skip to Content

Data Security

September 2, 2010

Google Security Behind the Scenes

August 29, 2010

Google Apps: Security First

Dedicated to keeping your data safe, secure and private

Learn more:

●      FAQ

Additional resources:

●      Archiving and e-discovery tools
●      Security and privacy FAQs
●      Security whitepaper
●      Enterprise privacy center
●      Security & privacy webinar


Built with security and reliability in mind

Google operates one of the most robust networks of distributed datacenters in the world. The protection of the data and intellectual property on these servers is our top priority, with extensive resources dedicated to maintaining data security. Protected around the clock and monitored by a dedicated security team, our facilities are held to extremely high standards of scrutiny every moment of the day.

●      The controls, processes and policies that protect data in our systems have successfully completed a SAS 70 Type II audit.

●      Google Apps offers a 99.9% Service Level Agreement*, so you can be confident that employees will have access whenever they need it.

●      Google Apps is the first cloud based messaging and collaboration suite to achieve FISMA (Federal Information Security Management Act) certification, indicating that the General Services Administration has reviewed and certified our security processes and documentation.

New! 2-step verification

2-step verification allows users to add an additional layer of protection to their Google Apps accounts. This feature is available for Google Apps for Business, for Education, and for Government versions and is coming soon to the free version of Google Apps.

Infrastructure Security

Google Apps is designed to provide you with a secure and reliable platform for your data, bringing you the latest technologies and some of the best practices in the industry for datacenter management, network application security, and data integrity.

Google has created a secure, reliable cloud based computing environment with collaboration technology that can’t be matched by other systems today.

– Jason Ruger, Director of IT Strategy Motorola Mobile Devices

Three main components ensure the reliability of our security practices:

●      People – Google employs a full-time information security team including some of the world’s foremost experts in information, application, and network security. This team is responsible for the company’s perimeter defense systems, security review processes, and customized security infrastructure, as well as for developing, documenting, and implementing Google’s security policies and standards.

●      Process – Security is part of Google’s DNA, built into each application from day one. Google applications go through multiple security reviews as part of the Secure Code development process. The application development environment is closely restricted and carefully monitored to maximize security. External security audits are also regularly conducted to provide additional assurance.

●      Technology – To reduce exploit risks, each Google server is custom-built with only the necessary software components, and the homogeneous server architecture enables rapid updates and configuration changes across the entire network when necessary. Data is replicated in multiple data centers for redundancy and consistent availability.

Security FAQs

Who owns the data that organizations put into Google Apps?

To put it simply, Google does not own your data. We do not take a position on whether the data belongs to the institution signing up for Apps, or the individual user (that’s between the two of you), but we know it doesn’t belong to us!

The data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.

1.     We won’t share your data with others except as noted in our Privacy Policy.

2.     We keep your data as long as you require us to keep it.

3.     Finally, you should be able to take your data with you if you choose to use external services in conjunction with Google Apps or stop using our services altogether.

Where is my organization’s data stored?

Your data will be stored in Google’s network of data centers. Google maintains a number of geographically distributed data centers, the locations of which are kept discreet for security purposes. Google’s computing clusters are designed with resiliency and redundancy in mind, eliminating any single point of failure and minimizing the impact of common equipment failures and environmental risks.

Access to data centers is very limited to only authorized select Google employees personnel.

Is my organizations data safe from your other customers when it is running on the same servers?

Yes. Data is virtually protected as if it were on its own server. Unauthorized parties cannot access your data. Your competitors cannot access your data, and vice versa. In fact, all user accounts are protected via this virtual lock and key that ensures that one user cannot see another user’s data. This is similar to how customer data is segmented in other shared infrastructures such as online banking applications.

Google Apps has received a satisfactory SAS 70 Type II audit. This means that an independent auditor has examined the controls protecting the data in Google Apps (including logical security, privacy, Data Center security, etc) and provided reasonable assurance that these controls are in place and operating effectively.

What does a Google Apps SAS70 Type II audit mean to me?

An independent third party auditor issued Google Apps an unqualified SAS70 Type II certification. Google is proud to provide Google Apps administrators the peace of mind knowing that their data is secure under the SAS70 auditing industry standard.

The independent third party auditor verified that Google Apps has the following controls and protocols in place:

●      Logical security: Controls provide reasonable assurance that logical access to Google Apps production systems and data is restricted to authorized individuals

●      Privacy: Controls provide reasonable assurance that Google has implemented policies and procedures addressing the privacy of customer data related to Google Apps

●      Data center physical security: Controls provide reasonable assurance that data centers that house Google Apps data and corporate offices are protected

●      Incident management and availability: Controls provide reasonable assurance that Google Apps systems are redundant and incidents are properly reported, responded to, and recorded

●      Change management: Controls provide reasonable assurance that development of and changes to Google Apps undergo testing and independent code review prior to release into production

●      Organization and administration: Controls provide reasonable assurance that management provides the infrastructure and mechanisms to track and communicate initiatives within the company that impact Google Apps

Can my organization use our own authentication system to provide user access to Google Apps?

Google Apps integrates with standard web single sign-on systems using the SAML 2.0 standard. Organizations can do the integration themselves, or work with a Google partner to accomplish this.

What is FISMA?

The Federal Information Security Management Act of 2002, or “FISMA”, is a United States federal law pertaining to the information security of federal agencies’ information systems. FISMA applies to all information systems used or operated by U.S. federal agencies — or by contractors or other organizations on behalf of the government. If you want to learn more about FISMA, there is a very thorough entry on Wikipedia.

Visit our Help Center for more Security and Privacy FAQs..

* The 99.9% uptime SLA for Google Apps is offered to organizations using Google Apps for Business, as described in the Google Apps for Business Terms of Service..

Watch Video of Security at a Data Center

August 27, 2010

Googles Apps Data Disaster Recovery

Will you be ready when disaster strikes? It’s an uncomfortable question for many IT administrators, because answering it with confidence usually requires boatloads of money, immense complexity, and crossed fingers. Fortunately there’s a better way.

Taking email as an example, consider a few of the ways that companies protect their data from disruption. Ideally a typical small business backs up its email. They have a mail server, and copy the data to tape at regular daily or weekly intervals. If something goes wrong, they go to the tapes to restore the data that was saved before their last backup. But the information created after their most recent backup is lost forever.

In larger businesses, companies will add a storage area network (SAN), which is a consolidated place for all storage. SANs are expensive, and even then, you’re out of luck if your data center goes down. So the largest enterprises will build an entirely new data center somewhere else, with another set of identical mail servers, another SAN and more people to staff them.

But if, heaven forbid, disaster strikes both your data centers, you’re toast (check out this customer’s experience with a fire). So big companies will often build the second data center far away, in a different ‘threat zone’, which creates even more management headaches. Next they need to ensure the primary SAN talks to the backup SAN, so they have to implement robust bandwidth to handle terabytes of data flying back and forth without crippling their network. There are other backup options as well, but the story’s the same: as redundancy increases, cost and complexity multiplies.

Google Apps customers don’t need to worry about any of this for the data they create and store within Google Apps. They get best-in-class disaster recovery for free, no matter their size. Indeed, it’s one of the many reasons why the City of Los Angeles decided to go Google..

How do you know if your disaster recovery solution is as strong as you need it to be? It’s usually measured in two ways: RPO (Recovery Point Objective) and RTO (Recovery Time Objective). RPO is how much data you’re willing to lose when things go wrong, and RTO is how long you’re willing to go without service after a disaster.

For a large enterprise running SANs, the RTO and RPO targets are an hour or less: the more you pay, the lower the numbers. That can mean a large company spending the big bucks is willing to lose all the email sent to them for up to an hour after the system goes down, and go without access to email for an hour as well. Enterprises without SANs may be literally trucking tapes back and forth between data centers, so as you can imagine their RPOs and RTOs can stretch into days. As for small businesses, often they just have to start over.

For Google Apps customers, our RPO design target is zero, and our RTO design target is instant failover. We do this through live or synchronous replication: every action you take in Gmail is simultaneously replicated in two data centers at once, so that if one data center fails, we nearly instantly transfer your data over to the other one that’s also been reflecting your actions.

Our goal is not to lose any data when it’s transferred from one data center to another, and to transfer your data so quickly that you don’t even know a data center experiences an interruption. Of course, no backup solution from us or anyone else is absolutely perfect, but we’ve invested a lot of effort to help make it second to none.

And it’s not just to preserve your Gmail accounts. You get the same level of data replication for all the other major applications in the Apps suite: Google Calendar, Google Docs, and Google Sites.

Some companies have adopted synchronous replication as well, but it is even more expensive than everything else we’ve mentioned. To backup 25GB of data with synchronous replication a business may easily pay from $150 to $500+ in storage and maintenance costs- and that’s per employee. That doesn’t even include the cost of the applications. The exact price depends on a number of factors such as the number of times the data is replicated and the choice of service provider.

At the low end a company might tier the number of times they replicate data, and at the high end they’ll make several copies of the data for everyone. We also replicate all the data multiple times, and the 25GB per employee for Gmail is backed up for free. Plus you get even more disk space for storage-intensive applications like Google Docs, Google Sites and Google Video for business. Other companies may offer cloud computing solutions as well, but don’t assume they backup your data in more than one data center.

Here are a few of the reasons why we’re able to offer you this level of service. First, we operate many large data centers simultaneously for millions of users, which helps reduce cost while increasing resiliency and redundancy. Second, we’re not wasting money and resources by having a data center stand-by unused until something goes wrong – we can balance loads between data centers as needed.

Finally, we have very high speed connections between data centers, so that we can transfer data very quickly from one set of servers to another. This let us replicate large amounts of data simultaneously.

One of the most compelling advantages of cloud computing is its power to democratize technology. Whether it’s a 25GB email inbox, Video for business, synchronous replication, or one of countless other advanced services, Google Apps gives companies of all sizes access to technology that until recently was available to only the largest enterprises. And it’s available at a dramatically lower cost than the on-premises alternatives, without the usual hassles of upgrading, patching and maintaining the software.

No one likes preparing for worst-case scenarios. When you use Google Apps, you have one less critical thing to worry about.

April 30, 2010

Google Privacy Tools

Privacy tools

One of our goals at Google is to give users meaningful choices to protect your privacy. Here are some of our most popular tools that help you control your information:

  • Google Dashboard

    Find the answer to the question, “What does Google know about me?” by visiting the Google Dashboard, which shows you information stored in your Google Account. From one central location, you can easily change your privacy settings for services such as Blogger, Calendar, Docs, Gmail, Picasa, and Profiles.

  • Ads Preferences Manager

    View and edit the information Google uses to show you interest-based ads on websites in Google’s ad network. Add or remove interest categories associated with your web browser, or opt out of seeing relevant ads altogether.

  • Data Liberation Front

    We think you should be able to control the information you store online. Learn how you can move your data in and out of Google products.

  • Keep My Opt-Outs

    Install this Chrome extension for a one-step, persistent opt-out of ad personalization performed by companies adopting the industry privacy standards for online advertising.

  • Encrypted search

    Encrypt the search traffic between your computer and Google, helping to protect your search terms and your search results pages from being intercepted by a third party. Try a more secure and private search experience.

  • Incognito mode in Google Chrome

    When you want to browse the Internet in stealth mode, Google Chrome offers Incognito browsing. Pages you open and files you download while in Incognito mode aren’t recorded in Chrome’s browsing or download history, useful if you’re planning a surprise birthday present or party!

  • Street View Blurring and Takedowns

    We automatically blur identifiable faces and license plates in Street View to protect individual privacy. We also provide easily accessible tools so you can request further blurring of any image that features yourself, your family, your car or your home. You can also request the removal of images that feature inappropriate content.

  • Unlisted and Private Videos on YouTube

    YouTube was created for people to share ideas with the entire world. But sometimes you might just rather share it with a small group of friends or keep it to yourself. You can do that by choosing either unlisted or private when you upload your video.

  • Web History Controls

    If you’re signed in to a Google Account and have turned on Web History when you search, it helps you see your previous search terms and which results you’ve clicked on. We provide you control by letting you delete individual entries, pause collection, or opt-out of the service altogether.

  • Off the Record Gmail Chats

    Don’t want Gmail chat conversations to be stored in your account? Choose to chat “off the record”. You and your Gmail friends can see when a chat is taken off the record, and you’ll be instantly notified if your friend decides to chat on the record again.

  • Google Analytics Opt-out

    Google Analytics generates statistics about visitors to websites, such as the number of page views or times of peak traffic. If you don’t want your anonymous browser data to be collected by Google Analytics when you visit sites that use Google Analytics, you can install an opt-out in your web browser.

  • Search Personalization Opt-out

    Sometimes we personalize search results based on your previous activity in order to better help you find what you’re looking for, even if you’re not signed into a Google Account. But if you’d rather we didn’t do this, you can disable the feature altogether.

  • Control Your Location in Google Latitude

    Google Latitude makes it easy to share your location with your family and friends in real time. You can adjust your privacy settings in Latitude so that you share as much or as little about your location as you want, with whom you want.