Google Apps: Data Security and Reliability

Do I get dedicated servers?
No. Google operates what is called a "multi-tenant" environment. While there is logical separation between users and corporations, storage and compute power are shared across a vast computing array. This is at the heart of Google's architecture and it's what provides the scalability, reliability, and cost effectiveness for which Google is known.

What are security advantages to Software-as-a-service?
With traditional software, employees save data to insecure USB drives, discs and laptops for easy access. With Google Apps, because employees can access information securely from anywhere, they're less likely to save sensitive data locally. And with Google Apps' 99.9% uptime guarantee, you can be confident that employees will have access whenever they need it. The 99.9% uptime SLA for Google Apps is offered to organizations using Google Apps Premier Edition, as described in the Google Apps Premier Edition Terms of Service and covers the full range of application services as specified there.

Why is Google Apps secure?

Google operates one of the largest networks of distributed data centers in the world, and we go to great lengths to protect the data and intellectual property on these servers. These facilities are protected around the clock and we have a dedicated security operations team which focuses specifically on maintaining the security of our environment. The controls, processes and policies that protect these data have successfully completed a SAS 70 Type II audit. There are three main components to our security practices:

    * People – Google employs a full-time information security team including some of the world’s foremost experts in information, application, and network security. This team is responsible for the company’s perimeter defense systems, security review processes, and customized security infrastructure, as well as for developing, documenting, and implementing Google’s security policies and standards.
    * Process – Security is part of the Google DNA. Each application is built from the ground up with security in mind. Google applications go through multiple security reviews as part of the Secure Code development process. The application development environment is closely restricted and carefully monitored to maximize security. External security audits are also regularly conducted to provide additional assurance.
    * Technology – Google Apps data is fractured and obfuscated across multiple servers and disks, making it human-unreadable. Data is replicated in multiple data centers for redundancy and consistent availability. To reduce exploit risks, each Google server is custom-built with only the necessary software components, and the homogeneous server architecture enables rapid updates and configuration changes across the entire network when necessary.

We rely on Google Apps ourselves.  We trust our own data to the products available to you. Google employees use Gmail for all corporate email, Google Calendar to schedule all meetings and events, and Google Talk to instant message among project teams. We use Google Docs for sensitive content like product design specs, and Google Sites to manage team projects.