Built with security and reliability in mind

Google operates one of the most robust networks of distributed datacenters in the world. The protection of the data and intellectual property on these servers is our top priority, with extensive resources dedicated to maintaining data security. Protected around the clock and monitored by a dedicated security team, our facilities are held to extremely high standards of scrutiny every moment of the day.

• The controls, processes and policies that protect data in our systems have successfully completed a SAS 70 Type II audit.
• Google Apps offers a 99.9% Service Level Agreement*, so you can be confident that employees will have access whenever they need it.
• Google Apps is the first cloud based messaging and collaboration suite to achieve FISMA (Federal Information Security Management Act) certification, indicating that the General Services Administration has reviewed and certified our security processes and documentation.

New! 2-step verification

2-step verification allows users to add an additional layer of protection to their Google Apps accounts. This feature is available for Google Apps for Business, for Education, and for Government versions and is coming soon to the free version of Google Apps.

Infrastructure Security

Google Apps is designed to provide you with a secure and reliable platform for your data, bringing you the latest technologies and some of the best practices in the industry for datacenter management, network application security, and data integrity.

Three main components ensure the reliability of our security practices:

• People – Google employs a full-time information security team including some of the world's foremost experts in information, application, and network security. This team is responsible for the company's perimeter defense systems, security review processes, and customized security infrastructure, as well as for developing, documenting, and implementing Google's security policies and standards.
• Process – Security is part of Google's DNA, built into each application from day one. Google applications go through multiple security reviews as part of the Secure Code development process. The application development environment is closely restricted and carefully monitored to maximize security. External security audits are also regularly conducted to provide additional assurance.
• Technology – To reduce exploit risks, each Google server is custom-built with only the necessary software components, and the homogeneous server architecture enables rapid updates and configuration changes across the entire network when necessary. Data is replicated in multiple data centers for redundancy and consistent availability.

NEXT STEPS