Security and Compliance

Overview

The Google security model is an end-to-end process, built on over 15 years of experience focused on keeping customers safe on Google applications like Gmail, Search and other Apps. With Google Cloud Platform your applications and data take advantage of the same security model. Read more about our security model in our Security Whitepaper, Infrastructure Security Design Overview Whitepaper and Encryption at Rest Whitepaper.

Information Security Team

At the center of the Google security model is our Information Security Team consisting of more than 750 top experts in information, application, and network security. This team is tasked with maintaining the company’s defense systems, developing security review processes, building security infrastructure and implementing Google’s security policies. Their notable achievements include: discovering the Heartbleed vulnerability, starting a reward program for reporting software security issues, and implementing an “SSL by default” policy at Google.

Learn more about our Information Security Team

Data Center Physical Security

Google data centers feature a layered security model, including safeguards like custom-designed electronic access cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, and biometrics. The data center floor features laser beam intrusion detection.

Our data centers are monitored 24/7 by high-resolution interior and exterior cameras that can detect and track intruders. Access logs, activity records, and camera footage are reviewed in case an incident occurs. Data centers are also routinely patrolled by experienced security guards who have undergone rigorous background checks and training. Less than one percent of Googlers will ever set foot in one of our data centers.

Learn more about data center physical security

Server and Software Stack Security

At Google we run tens of thousands of identical, custom-built servers. We’ve built everything from hardware and networking to the custom Linux software stack with security in mind. Homogeneity, combined with ownership of the entire stack, greatly reduces our security footprint and allows us to react to threats faster.

Learn more about server and software stack security

Data Access

Google has controls and practices to protect the security of customer information. The layers of the Google application and storage stack require that requests coming from other components are authenticated and authorized. Access by production application administrative engineers to production environments is also controlled. A centralized group and role management system is used to define and control engineers’ access to production services, using a security protocol that authenticates engineers through the use of short-lived personal public key certificates; issuance of personal certificates is in turn guarded by two-factor authentication.

Learn more about data access

Data Disposal

When retired from Google’s systems, hard disks containing customer information are subjected to a data destruction process before leaving Google’s premises. First, disks are logically wiped by authorized individuals using a process approved by the Google Security Team. Then, another authorized individual performs a second inspection to confirm that the disk has been successfully wiped. These erase results are logged by the drive’s serial number for tracking. Finally, the erased drive is released to inventory for reuse and redeployment. If the drive cannot be erased due to hardware failure, it is securely stored until it can be physically destroyed. Each facility is audited on a weekly basis to monitor compliance with the disk erase policy.

Learn more about data disposal

Platform Security Features

All products at Google, including Cloud Platform, are built with security as a core design and development requirement. Furthermore, Google’s site reliability engineering teams oversee operations of the platform systems to ensure high availability and prevent abuse of platform resources. Product-specific security features are described in each product’s documentation, but all subscribe to certain platform-wide capabilities.

Secured Service APIs and Authenticated Access

All services are managed through a secured global API gateway infrastructure. This API serving infrastructure is only accessible over encrypted SSL/TLS channels, and every request requires the inclusion of a time-limited authentication token generated via human login or private key based secrets through the authentication system described above.

All access to Google Cloud Platform resources is regulated through the same robust authenticated infrastructure that powers other Google services. This means that you can use existing Google accounts, or set up a regulated Google managed domain. Features available when you are managing users include password policy, enforced 2-factor authentication, and new innovation for authentication enforcement in the form of hardware security keys.

Logging

All platform API requests, such as web requests, storage bucket access, and user account access, are logged. With Cloud Platform tools, you can read operations and access logs for Compute Engine, App Engine, BigQuery, Cloud SQL, Deployment Manager, Cloud VPN, and Cloud Storage.

Data Encryption

Cloud Platform services always encrypt customer content stored at rest, without any action required from the customer, using one or more encryption mechanisms, with a few minor exceptions. For example, any new data stored in persistent disks is encrypted under the 256-bit Advanced Encryption Standard, and each encryption key is itself encrypted with a regularly rotated set of master keys. The same encryption and key management policies, cryptographic libraries, and root of trust used for your data in Google Cloud Platform are used by many of Google's production services, including Gmail and Google's own corporate data.

Learn more about your encryption options

Secure Global Network

Because it’s linked to most ISPs in the world, Google’s global network helps to improve the security of data in transit by limiting hops across the public Internet. Cloud Interconnect and managed VPN allow you to create encrypted channels between your private IP environment on premises and Google’s network. This allows you to keep instances completely disconnected from the public internet while still reachable from your own private infrastructure.

Intrusion Detection

Google intrusion detection involves tightly controlling the size and make-up of Google’s attack surface through preventative measures, employing intelligent detection controls at data entry points, and employing technologies that automatically remedy certain dangerous situations.

Security Scanning

Cloud Security Scanner helps App Engine developers identify the most common vulnerabilities, specifically cross-site scripting (XSS) and mixed content, in their web applications.

Compliance and Certifications

Cloud Platform and Google infrastructure are certified for a growing number of compliance standards and controls, and undergo several independent third-party audits to test for data safety, privacy, and security.

Our customers have varying regulatory compliance needs. Our clients operate across regulated industries, including finance, pharmaceutical and manufacturing.
