For most companies, trying to keep ahead of new security threats every day feels like gripping a handful of sand. No matter how hard you tighten and squeeze, some still manages to slip through your fingers. IT departments often face these challenges alone despite parallel responsibilities to support other core operational functions. As thousands of businesses discover every day, companies and organizations can depend on the technical expertise of Google to help them better manage their security needs when they sign up for Google Apps.

Feeling comfortable storing data in the cloud involves trusting a cloud services provider and the practices and policies they have in place. In today's ultra-connected, web-capable world, understanding how data will be protected is ultimately more meaningful than knowing it is physically located in one data center or another. We know that our customers expect us to be transparent, and we work hard to do just that. For example, earlier this year we disclosed a cyber attack against Google and at least twenty other large companies from a variety of industries.

As a next step toward increased transparency, today we're releasing a new Google Apps security white paper to help customers learn more about the security practices, policies, and technology that support Google Apps. We are always improving and evolving the security of our systems, and we work every day to help protect against new threats.

Google Apps offers a strong and extensive security infrastructure to support these and other benefits:
  • Our data centers are protected by advanced physical security controls, and access to information is monitored at multiple levels.
  • We store customer data in fragments across multiple servers and across multiple data centers to both enhance reliability and provide greater security than can be achieved by storing all data on a single server. When only fragments are kept in any one place, the chance that a possible physical or computer-based compromise could result in the loss of meaningful information is greatly reduced.
  • We perform software patching rapidly across identical server stacks to help keep users updated with the latest patches. This significantly reduces the deployment workload for IT administrators.
  • Administrators can set fine-grained access controls for documents, calendars, and other types of information commonly stored in the cloud.
  • Operations at vast scale can help detect security threats across the web early and prepare appropriate defenses.
  • System redundancy involves data replication across disparate data centers for availability and disaster recovery.
  • We have strong teams of security professionals dedicated to protecting customer data.
Visit this new page to learn more about security and privacy protections for schools.

We appreciate feedback as we continue to work hard to earn and maintain the trust that is placed in us.

Posted by: Eran Feigenbaum, Director of Security, Google Enterprise