5 security realities of Google Apps



What exactly does it mean for security to "Go Google"?

These days everyone has heard of the "cloud". Compared to 7 years ago, when Umzuzu was founded, this is pretty amazing. The #1 objection we used to hear was, "I'm not sure it will work well with my Blackberry." ... we quickly learned that while, "your Blackberry is a piece of junk" was technically true. It was not the answer people were looking for. The security of Google Apps is exponentially better than what you have today. Also a true statement, but not very helpful. Security is an extremely specific topic. So, let's get specific. 

What are the security implications of "Going Google"?

1. Secure physical infrastructure

There are many layers of security baked into Google's data center security measures and infrastructure. A very small percentage of Googlers are allowed in the data centers, and even fewer are allowed on the floor where the servers are located. And as they near the core of the data center, they encounter more sophisticated security measures, like biometric scanners and under floor laser beams.

2. Control over the entire technology stack

From the servers and routers Google builds themselves, to the submarine fiber that connects the data centers, to the mobile management of the software interface, Google's team has control and visibility over the entire stack of technologies. This enables Google to detect weaknesses faster and respond to threats that may emerge swiftly. 

3. Investment in active security research beyond Google

More than 500 security engineers work to protect the Google systems, while dedicated teams look for malware and vulnerabilities beyond Google's own infrastructure, in other operating systems and all over the web. For this, we know there is power in numbers, which is why Google engages the broader security research community with the Vulnerability Reward Program. In the last year, Google paid 1.5 million dollars to security researchers and hackers from every corner of the world to attack Google's systems and share the vulnerabilities they identified. 

4. Locations chosen for speed and reliability

When picking the location of the data centers, Google has many priorities that keep speed and reliability top of mind. Among these factors, the location must:

  1. Be distributed geographically for better user experience and greater resiliency
  2. Have reliable, fast Internet connectivity and stable energy sources
  3. Be in politically stable areas with legal systems that maintain laws protecting cloud users from liability for content in the systems
  4. Abide by rule-of-law that protects Google's rights and the rights of users as it relates to human rights and challenging third-party requests

With all of the data centers adhering to these location priorities, Google can surpass the capabilities of on-premise data centers by creating an infrastructure built for speed, reliability, and protection of users’ data

5. There's no downtime

Information is distributed across Google's servers and data centers worldwide, so if a single server or even an entire data center fails, your information will still be accessible. The team is committed to reliability, and the way Google built their data model for applications and networks allows them to “replace the engines as the plane is flying,” so Google can complete maintenance while providing an uptime guarantee with no scheduled downtime.

Google's team has gone to great lengths to build one of the most secure cloud infrastructures in the world. While Safer Internet Day may only happen once a year, the team takes the trust and security of customers' information very seriously year-round (which they share in writing, too). Whether it’s creating easy-to-use tools to help organizations manage their information or keeping customer information safe from prying eyes, Google is constantly investing to ensure that Google Apps earns and keeps your trust.