Google has issued a white paper on the security of its Google Apps service to assure existing and potential customers...
about the security of its cloud-based services.
The white paper includes information about Google's security practices, policies and technology that support Google Apps, and attempts to counter the perception that Google's online services are less secure than traditional on-premises systems.
Yale University in the US halted its move to Google's Gmail and Google Apps in March, citing security and privacy concerns.
But Eran Feigenbaum, director of security at Google's enterprise group, said in a blog post that the move is part of Google's move towards increased transparency.
"We are always improving and evolving the security of our systems, and we work every day to help protect against new threats," he wrote.
Feigenbaum highlighted some of the key points in the white paper:
- Google datacentres are protected by advanced physical security controls, and access to information is monitored at multiple levels.
- Google stores customer data in fragments across multiple servers and across multiple datacentres to both enhance reliability and provide greater security than can be achieved by storing all data on a single server.
- Google performs software patching rapidly across identical server stacks to help keep users updated with the latest patches.
- Administrators can set fine-grained access controls for documents, calendars, and other types of information commonly stored in the cloud.
- Operations at a vast scale can help detect security threats across the web early and prepare appropriate defences.
- System redundancy involves data replication across disparate datacentres for availability and disaster recovery.