How secure is Google Cloud Platform

Google and G Suite as an office solution started in the cloud from the start. In this way, Google was able to gain many years of experience in the field of cloud security. As a company, the manufacturer uses the same infrastructure that it makes available to its customers. This is why Google has a very keen interest in the topic of cloud security, not least of all.

Do you think that your own IT infrastructure is really more secure than that of a billion-dollar company with hundreds of security experts, whose data is its greatest asset?

This post will give you an overview of how Google ensures cloud security and what makes the Google Cloud the most secure environment for your data.

Data security and encryption

Data security is a central part of all Google data centers. Physically, these are strictly monitored by access cards and biometric scans.

Google uses specially manufactured hardware and operating software that are optimized for security and performance. The entire network architecture from Google is optimized for maximum reliability. If a server or even an entire data center fails, companies do not have to fear for their data. Google maintains one of the largest proprietary infrastructures in the world with numerous data centers as well as its own fiber optic connections and undersea cables around the world. This is how the company ensures the constant availability of its services.

Customer data is always encrypted and is only transmitted in encrypted form. The security of e-mails, chats and files in Google Drive is therefore guaranteed at all times. With around 700 full-time security experts, including leading experts in information, applications and network security, Google is already working on cloud security during the development of its services. A dedicated G-Suite incident management team then ensures smooth operation.

With these three methods, Google guarantees the security of the data:

Perfect Forward Secrecy
Google is the first major cloud provider to use Perfect Forward Secrecy (PFS). This is an innovative cryptographic procedure for key exchange between encrypted data. With PFS, even subsequent decryption of HTTPS sessions is impossible.

100% email encryption
Every email that is sent or received is encrypted at all times. The e-mails are therefore not only encrypted when they move between your end devices and the Google servers, but also when they are only moved internally between the servers.

Enhancement of encryption
To protect against advances in cryptanalysis, Google doubled its RSA key length to 2,048 bits in 2013 and established the approach of changing it every few weeks.

Secure administration and authentication

G Suite gives administrators control over the complete system configuration and application settings. Settings for authentication, the protection of information and the management of devices and apps can be made on a clear dashboard.

Authentication
Two-factor authentication reduces the risk of unwanted access by asking for additional identification. This identification can be carried out using a USB security key or a second device such as a smartphone. Google automatically detects unusual login attempts from unknown locations or devices and notifies the administrator of these. With the option of single sign-on (SSO), Google also offers centralized management of the access data of all users for other cloud applications beyond G Suite. Functions such as Secure / Multipurpose Internet Mail Extensions (S / MIME) also increase security.

Protection of information
G Suite administrators can provide even higher cloud security with additional functions such as Data Loss Prevention (DLP). DLP is a policy used to protect sensitive information within Gmail and Google Drive. For example, you can automatically check all outgoing emails from Gmail for sensitive information and activate automatic measures to prevent data leaks. In this context, it is possible, for example, to quarantine e-mails, block sending and request the user to change information. Thanks to machine learning (ML), G-Mail achieves 99.9 percent accuracy in detecting spam and reliably blocks phishing emails. Attachments are automatically checked for malware and file formats such as .BAT, .EXE, .SYS are blocked directly. In order to maintain full control over sensitive data, you can prohibit the downloading and printing of certain documents and set expiration dates for access.

Management of devices and apps
G Suite offers mobile device management (MDM) that alerts you to suspicious device activity. You can set your own policies, encrypt the information on the end devices and remotely delete all company data from lost or stolen devices. All third-party applications can be checked, blocked or authorized via OAuth by administrators. You can conveniently monitor and configure all of these security settings via the G Suite Security Center.

Compliance, eDiscovery and Analysis

Google designed G Suite to meet the highest cloud security requirements and the most stringent data protection and security needs. In addition, Google has strong contractual obligations with regard to data ownership, data usage, security, transparency and accountability. These are checked and confirmed through regular audits and controls by independent third parties.

These include the ISO certifications ISO 27001 (control information risks), ISO 27017 (control cloud-based information security) and ISO 27018 (protect personal data). Other certifications include the Service Organization Controls (SOC) SOC 1 (control over financial reporting), SOC 2 (control security, availability and confidentiality), SOC 3 (public report on control of security, availability and confidentiality) and other certifications for protection of card data (PCI DSS) and health data (HIPAA).

EU regulations
Google has received confirmation that the provider complies with the regulations of the EU data protection supervisory authorities. This confirmed that the contractual obligations for G Suite and Google Cloud Platform meet the legal requirements of the GDPR. Furthermore, functions such as the data regions offer the possibility of geographical restriction so that, depending on the configuration, Google only stores your data on servers within the EU. Google also undertakes to comply with the general data protection regulation GDPR. In close cooperation with the EU data protection supervisory authorities, Google implements strict guidelines and works continuously to optimize processes and controls for data processing.

eDiscovery and archiving
With Google Vault, you can set retention rules for data from G Suite apps and search, retrieve and export information. This is how you comply with statutory retention requirements and avoid data loss.

Reporting
Interactive reports help you keep track of your organization's security issues. Interfaces (APIs) also enable your own customized solutions. So you always have an eye on which data users are sharing, which third-party apps are installed and whether two-factor authentication is active. With audit tracking, G Suite administrators can track actions and set up custom alerts in case, for example, a file marked as confidential is downloaded or shared with third parties.

G Suite Security and Trust eBook

Would you like to learn more about G Suite cloud security? Request the free e-book "G Suite Security and Trust" with additional whitepapers from us without obligation!

Your partner for G Suite and Google cloud solutions

Are you interested in modern collaboration in companies with Google software as an Office alternative? Contact us if you have any questions or want to know more: We are an official Google Cloud partner and would be happy to advise you without obligation on the introduction, licensing and productive use of Google G Suite!

Further information

Why large organizations choose Google G Suite as an office alternative
Cloud data protection in Germany: Use Google G Suite and other cloud services in a GDPR-compliant manner
Google G Suite: Audit-proof and GDPR-compatible mail archiving in the Google Vault
Digitization in the automotive industry: Google Cloud and G Suite as innovation drivers in the automotive sector


Learn more about the Creative Commons license

Creative CommonsData SecurityG SuiteGoogleGoogle CloudGoogle WorkspaceIT Security