How Google Protects your Data

transcript

How Google Protects Your Data

James Snow - Security Product Strategist

Continuing the conversation on Security and Privacy

A Brave New World for SecurityHackers do not respect borders or jurisdictions, attacks have evolved to become increasingly organized and

sophisticated. Your security position and posture need to evolve to meet these threats.

Control

Freedom

Be secure and Innovate

Technology Scale Agility

Security from the ground up

Google confidential | Do not distributeGoogle | Do not distribute

Reliability comes from software

1 device

MTBF = 10 years

100K devices(servers, routers,

networking, power supplies, cooling, …)

MTBF = 1 hour

Data Center

Data architecture secure at the core

Data Center

Global infrastructure

Google backbone We lay our own cables across the ocean

A network that spans the globeGoogle datacenter locations around the world

Security in Transit

Security built in depth

Address the main threats

Lost hardware

Physical intruder

Network intruder

Google | Do not distribute

More expertsMore R&D

Scale matters in security:

● 450 security engineers

● 24/7 active watch

● 160 academic research

papers on security

Always learning, always improving

Google confidential | Do not distribute

Faster development, deployment, response

Agility

Adapting fast gives more

security

● we prevent more incidents

● we can respond faster

● we test our own systems

● we learn and iterate

Data Protection = Security + PrivacyGoogle for Work helps customers to comply with privacy and security laws and regulations

Businesses have different needs than consumers

Peace of mind knowing your data is protected by the highest standards

Your data is yoursYou have controlWe are accountable to you

We put our commitments in writing

Your compliance made easy

How do I know the commitments are real?Third parties verify our promisesDemonstrate compliance

We empower you to make good decisions

Keeping the conversation going forward

Can data be processed outside of the EU? Adequate safeguards must be in place such asSafe HarborModel Contract Clauses

Where is the data stored? Attackers will come from anywhereThe same level of privacy globally is importantLocation is not a shield against government access

Does the loud increase risk?Does the cloud increase risk?

Technically more secure & legally committedTransparency for risk assessment

Is the cloud an easy target for governments?We force them to follow the legal process

We push back on government requests

Innovation brings evolution