Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Google Divulges Google Apps Security Details

Earlier in the year Google disclosed that the company, along with at least twenty other large companies from a variety of industries, were victims of cyber attacks.

Earlier in the year Google disclosed that the company, along with at least twenty other large companies from a variety of industries, were victims of cyber attacks.

In an effort toward increased transparency, Google now wants to help customers understand the security practices, policies, and technology surrounding Google Apps with a newly published “Google Apps Security White paper.”

While most of what’s covered in the white paper should be expected and obvious to most information security professionals, the 14-page document does provide a more detailed look at the security policies, technologies and procedures that Google has in place to protect its over 10 million Google Apps users.

Some of the more interesting security initiatives include:

• Google’s “home made” servers are based on a stripped and hardened version of Linux, customized to include only the components necessary to run Google applications.

• Customer data is stored in fragments across multiple servers and across multiple data centers to both enhance reliability and provide greater security than can be achieved by storing all data on a single server. When only fragments are kept in any one place, the chance that a possible physical or computer-based compromise could result in the loss of meaningful information is greatly reduced.

• The company is able to provide software patching rapidly across identical server stacks to help keep systems updated with the latest patches.

• System redundancy involves data replication across disparate data centers for availability and disaster recovery.

The company also launched a Security & Privacy portal for its Google Apps for Education customers which has separate data and privacy policies and is also ad-free.

Google also recently added the ability for users to conduct encrypted searches utilizing SSL encryption when using the core Google.com search engine.

A blog post by Eran Feigenbaumm, Director of Security for Google Enterprise is available here and the full white paper can be viewed here in PDF format.

Written By

Click to comment

Expert Insights

Related Content

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

ICS/OT

The White House announced on Wednesday that the Industrial Control Systems (ICS) Cybersecurity Initiative has been expanded to include the chemical sector.

Data Protection

Artificial intelligence is more artificial than intelligent.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...