Safekeeping of data for tens of millions of users can be a serious challenge for large, complex systems. The argument for using a large cloud provider is that it has more resources to ensuring security and has a broad range of experience in terms of security, especially compared to small or medium organizations.
This paper looks at Google’s security strategy and is an overview of what Google considers the main focus areas and design principles. The paper tries to convince perspective customers that its cloud infrastructure is safe.
Google focuses on several aspects of security that are critical:
• Organizational and Operational Security – Policies and procedures to ensure security at every phase of design, deployment and ongoing operations.
• Data Security – Ensuring customer data is stored in secure facilities, on secure servers, and within secure applications.
• Threat Evasion – Protecting users and their information from malicious attacks and would-be hackers.
• Safe Access – Ensuring that only authorized users can access data, and the access channel is secure.
• Data Privacy – Ensuring that confidential information is kept private and confidential