Google: Official security strategy for Google Apps

What is Google doing to ensure Google Apps Premier is reliable to enterprise standards? 

I underscored last week the importance of reliability, security and privacy to the success of Google’s new Apps for Enterprise (and for a fee) offering; see “Google Apps data risks: Security vs. privacy” and “Google Gmail SLA guarantee?”

Since the launch of Google Apps Premier I have contacted Google to learn more about how the company aims to calm prospective enterprise fears about hosting mission-critical data in the Google Cloud.

Below are highlights of the Official Google position on the security of Google Apps. 

PHILOSOPHY 

The foundation of Google’s security strategy starts with its people and processes. Security is a combination of people, processes and technology that, when put together properly, leads to safe and responsible computing. Security is designed into products, architecture, infrastructure and systems from the outset.

The same infrastructure used to host Google Apps and secure hundreds of thousands of users’ data is also used to manage millions of consumers’ data and billions of dollars in advertising transactions. 

The Google “security strategy” utilizes numerous physical, logical and operational security measures to ensure the utmost in data security and privacy. Google operates one of the world’s largest networks of distributed datacenters and goes to great lengths to protect the data and intellectual property in these centers.

PHYSICAL SECURITY

Google operates datacenters worldwide, and many Google datacenters are wholly owned and managed, ensuring that no outside parties can gain access. The geographic locations of the datacenters were chosen to give protection against catastrophic events. Only select Google employees have access to the datacenter facilities and the servers contained therein, and this access is tightly controlled and audited. Security is monitored and controlled both locally at the site and centrally at Google’s worldwide security operations centers.

The facilities themselves are engineered not only for maximum efficiency, but also for security and reliability. Multiple levels of redundancy ensure ongoing operation and service availability in even the harshest and most extreme of circumstances. This includes multiple levels of redundancy within a center, generator-powered back-up for ongoing operations, and full redundancy across multiple dispersed centers. State-of-the-art controls are used to monitor the centers both locally and remotely, and automated failover systems are present to safeguard systems.

LOGICAL SECURITY

In web-based computing, the logical security of data and applications is as critical as physical security. Google uses a number of industry standard techniques as well as some unique, innovative approaches. One such approach is leveraging special purpose technology as opposed to general-purpose software.

Much of Google’s technology is written to provide special purpose capabilities as opposed to general purpose computing. For example, the web server layer is specially designed and implemented by Google to only expose the capabilities required for operation of specific applications. Therefore, it is not as vulnerable to the wide range of attacks that most commercial software would be susceptible to.

Google has also made modifications to core libraries for security purposes. Because the Google infrastructure is a dedicated application system rather than a general purpose computing platform, a number of the services provided by the standard Linux operating system can be limited or disabled. These modifications focus on enhancing the capabilities of the system needed for the task at hand and disabling or removing any exploitable aspects of the system that aren’t required.

Google’s servers are also protected by multiple levels of firewalls to protect against attacks. Traffic is inspected as appropriate for attempted attacks, and any attempts are dealt with to protect users’ data.

REDUNDANCY

The application and network architecture run by Google is designed for maximum reliability and uptime. Google’s grid-based computing platform assumes ongoing hardware failure, and robust software failover withstands this disruption. All Google systems are inherently redundant by design, and each subsystem is not dependent on any particular physical or logical server for ongoing operation.

Data is replicated multiple times across Google’s clustered active servers, so, in the case of a machine failure, data will still be accessible through another system. In addition, user data is replicated across data centers. As a result, if an entire datacenter were to fail or to be involved in a disaster, a second datacenter would be able to immediately take over and provide services to users.
