Is Google for Work Secure for my Business?

Computer security is important to business. You want to make sure that your data is safe. Businesses often ask us if their data is safe when they use Google for Work. The answer is yes. 

But we know you have more questions so we've added some Q&A from Google to help answer some of your questions. 

For instance, did you know that Google employs over 450 full-time engineers, including some of the world's top experts in compute security? It's their top priority. 


How does Google protect against hackers, hacktavists, governments and other intruders?

The technology, scale and agility of our infrastructure bring you unique security benefits. Our data centers are built with custom-designed servers, running our own operating system for security and performance. Google’s 450 security engineers, including some of the world’s foremost experts, work around the clock to spot threats early and respond quickly. We get better as we learn from each incident, and even incentivize the security research community, with which we actively engage, to expose our systems’ vulnerabilities. Here are a few examples of how security and reliability are at the core of what we do:

Google’s data centers use custom hardware running a custom hardened operating system and file system. Each of these systems has been optimized for security and performance. Since Google controls the entire hardware stack, we are able to quickly respond to any threats or weaknesses that may emerge.

Google is the first major cloud provider to enable perfect forward secrecy , which encrypts content as it moves between our servers and those of other companies. Many industry peers have followed suit or have committed to adopting it in the future.

Google encrypts GMail, Attachment, and Drive data while on the move. This ensures that your messages are safe not only when they move between you and Google's servers, but also as they move between Google's data centers.

To protect against cryptanalytic advances, in 2013, Google doubled the length of our RSA encryption keys to 2048 bits . We change the keys every few weeks, raising the bar for the rest of the industry.

How do I know that customers sharing the same servers can't access my data?

Your data is logically protected as if it were on its own server. Unauthorized parties cannot access your data. Your competitors cannot access your data, and you can’t access theirs. In fact, all user accounts are protected by this secure architecture that ensures that one user cannot see another user's data. This is similar to how customer data is segmented in other shared infrastructures, such as online banking applications.

Does Google encypt my data?

Yes. Data is encrypted at several levels. Google forces HTTPS (Hypertext Transfer Protocol Secure) for all transmissions between users and Google Apps services and uses Perfect Forward Secrecy (PFS) for all its services. Google also encrypts message transmissions with other mail servers using 256-bit Transport Layer Security (TLS) and utilizes 2048 RSA encryption keys for the validation and key exchange phases. This protects message communications when client users send and receive emails with external parties also using TLS.

Perfect Forward Secrecy (PFS) requires that the private keys for a connection are not kept in persistent storage. Anyone who breaks a single key can no longer decrypt months’ worth of connections; in fact, not even the server operator is able to retroactively decrypt HTTPS sessions.

Google is constantly working to extend and strengthen encryption across more services and links.

Google Apps includes mobile device management (MDM) for Android and iOS which supports features such as device activation, remote data wipe and policy-based encryption. MDM puts you in control and makes it easy to let your users use their own devices to access corporate information without compromising on security.