Google Workspace security whitepaper

How Google Workspace protects your data

Data access and restrictions

Administrative access

We’ve designed our systems to limit the number of employees that have access to customer data and to actively monitor the activities of those employees. Google employees are only granted a limited set of default permissions to access company resources. Access to internal support tools is controlled via access control lists (ACLs). Google follows a formal process to grant or revoke employee access to Google resources, and access is automatically removed for departing employees. Access authorization is enforced at all relevant layers of the system. Approvals are managed by workflow tools and logged. An employee's authorization settings are used to control access to all resources, including data and systems for Google Workspace products. Access is monitored by our dedicated security teams as a check on the effectiveness of our controls. The security teams actively monitor access patterns and investigate unusual events.

Furthermore, as part of Google's long-term commitment to transparency and user trust, we provide Access Transparency.2 This is a feature that enables customers to review logs of actions taken by Google staff when accessing your specific customer data. For services integrated with Access Transparency, Google uses a tool to validate that the business justification presented for access is valid, and log the justification to Access Transparency Logs.

For further information, please refer to the Trusting your data with Google Workspace whitepaper.

For customer administrators

Customers can control access to data and services on Google Workspace to help ensure that data is protected in accordance with the organization’s desired configuration. Role-based access controls enable customers to appoint users as administrators, granting the user the ability to access and perform certain tasks in the Google Workspace Admin console. You can make a user a super administrator who can perform all tasks in the Admin console. Or you can assign a role that limits which tasks the administrator can perform, for example, by allowing them only to create groups, manage service settings, or reset a user's password.

Law enforcement data requests

The customer, as the data owner, is primarily responsible for responding to law enforcement data requests and it is Google’s policy to direct the government to request such data directly from the customer. However, like other technology and communications companies, Google may receive direct requests from governments and courts around the world about how a person has used the company's services. We take measures to protect customers' privacy and limit excessive requests while also meeting our legal obligations. Respect for the privacy and security of data you store with Google remains our priority as we comply with these legal requests.

Detailed information about data requests and Google's response to them is available in our Transparency Report. Further information is also available in the Trusting your data with Google Workspace whitepaper.

Third-party suppliers

Google directly conducts virtually all data processing activities to provide our services. However, Google may engage some third-party suppliers to provide services related to Google Workspace, including customer and technical support. Prior to onboarding third-party suppliers, Google conducts an assessment of the security and privacy practices of third-party suppliers to ensure they provide a level of security and privacy appropriate to their access to data and the scope of the services they are engaged to provide. Once Google has assessed the risks presented by the third-party supplier, the supplier is required to enter into appropriate security, confidentiality, and privacy contract terms.