Google Workspace security whitepaper

How Google Workspace protects your data

Introduction
Google’s security and privacy focused culture
- Google’s security and privacy focused culture
Operational security
- Operational security
Technology with security at its core
- Technology with security at its core
Supporting compliance requirements
- Supporting compliance requirements
  - Regulatory compliance
  - Independent third-party certifications and attestations
Data usage
- Data usage
Data access and restrictions
- Data access and restrictions
  - Administrative access
  - Third-party suppliers
Empowering users and administrators to improve security and compliance
- Empowering users and administrators to improve security and compliance
Conclusion

Introduction

Cloud computing has changed the way that companies today do business. Organizations primarily look to the public cloud to manage their infrastructure, operations, and delivery of services, realizing that providers can invest more in people and processes to deliver secure and compliant infrastructure.

As a cloud pioneer, Google fully understands the security implications of the cloud model. That’s why we designed our cloud services to deliver better security than many traditional on-premises solutions. We make security a priority to protect our own operations. Our customers run on that same Google infrastructure, so your organization directly benefits from these protections.

Security and data protection drive our organizational structure, training priorities and hiring processes. These principles shape our data center operations and technology. They’re central to our everyday operations and disaster planning, including how we address threats. They’re prioritized in the way we handle customer data. And they’re the cornerstone of our account controls, our compliance audits and the certifications we offer our customers. Our commitments to your business and your data are captured in our Google Cloud Trust Principles and affirm how we protect the privacy of customers whenever they use Google Workspace and Google Cloud Platform.

This whitepaper outlines Google’s approach to security and compliance for Google Workspace, our cloud-based productivity suite. Used by more than five million organizations worldwide, from large banks and retailers with hundreds of thousands of people to fast-growing startups, Google Workspace and Google Workspace for Education include the collaboration and productivity tools found here. Google Workspace and Google Workspace for Education are designed to help teams work together securely in new, more efficient ways, no matter where members are located or what device they use. For instance, Gmail scans over 300 billion attachments for malware every week and prevents more than 99.9% of spam, phishing, and malware from reaching users.¹ We’re committed to protecting against security threats of all kinds, innovating new security tools for users and admins, and providing our customers with a secure cloud service.

Note: We are bringing Google Workspace to our education and nonprofit customers in the coming months. Education customers can continue to access our tools via Google Workspace for Education, which includes Classroom, Assignments, Gmail, Calendar, Drive, Docs, Sheets, Slides, and Meet. Google Workspace for Nonprofits will continue to be available to eligible organizations through the Google for Nonprofits program. Unless indicated otherwise, the context of this document includes Google Workspace and Google Workspace for Education.

Disclaimer

_{This whitepaper applies to Google Cloud products described at}_{cloud.google.com}_{. The content contained herein is correct as of October 2021 and represents the status quo as of the time it was written. Google's security policies and systems may change going forward, as we continually improve protection for our customers.}

¹_{As of October 2021.}

Download full whitepaper