


Editor's note: This is the final post in a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

It’s important for all businesses regardless of size or industry to assess the risk of potential data breaches and take steps to prevent them, especially in the area of information technology. The use of laptops, smartphones, tablets and other mobile devices is increasing as users demand anytime, anywhere access to email and documents. This can increase the risk of a data breach if you’re using traditional applications which store a local copy of the data on the device and the device gets lost or stolen.

Google Apps can help reduce the risk of a data breach by limiting the data that is stored on your devices. When you check email or work on a document in a browser with Google Apps, the data is stored in our data centers, not on your device. That means that if your device gets lost or stolen, there is lower overall risk of a data breach. Similarly, if you collaborate with others in Google Docs, you don’t need to send them a copy of the document. You can enable and disable access to the document with a simple set of sharing controls and your collaborators access it from their browser. The document does not need to be stored locally on their device for them to collaborate on it.

For those times when you want to access Google Apps but you don’t have an Internet connection, we recently released an offline capability for Gmail and for Google Docs. The offline capability does involve some local data storage on devices. The amount of stored data is likely to be smaller as only a limited amount of documents and email are synchronized to the device for offline access. If you decide that this local data storage poses a risk, you can easily disable offline access.

For additional security and data protection information, including a video tour of a Google data center, you can visit our Google Apps security page.

Posted by Sam Srinivas, Product Management Director, Google Information Security Team

Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

As you compose a message in Gmail or collaborate on a document in Google Docs, you probably don’t often think about what we do to protect the data in that email or document. But behind the scenes we have an information security team that makes protecting your information its highest priority.

Information security is something that is important to every business. As Internet use has become widespread in the business world, attacks on applications and systems are becoming pervasive and sophisticated. Increasingly, monitoring and protecting applications and users against these attacks requires a great deal of infrastructure and technical expertise — usually more than one person or a small team can manage. Our information security team includes hundreds of full-time members working in close cooperation with the engineers developing Google applications. Some of the world's leading security researchers are members of our team, allowing Google to stay at the forefront of detection, response, and security software best practices.

We monitor our applications and systems continuously, using sophisticated automated systems that are designed to detect unusual activity and block it or flag it for immediate analysis by our monitoring team. We provide end-user features including 2-step verification, which defeats many common attacks such as trying to break into an account using a stolen password. Our Safe Browsing service helps protect users against malware and phishing. All of this technology and expertise comes together to enhance the security of your Google Apps data, allowing your IT staff to focus more of their attention on your business’s strategic needs.

“As the threats in the external environment change, [Google is] at the forefront of preventing, responding and anticipating. That’s one of the great things about partnering with Google - you have some of the best minds in the world working on those problems, which really frees me up to work on the problems that are unique to me and that I can really specialize in.”

- Todd Pierce, CIO of Genentech

Finally, we work to educate users about online safety. To that end, one of the most important things you can do to improve the security of your Google Apps accounts is to start using 2-step verification. We encourage you to set it up and start exploring other ways to better protect your information.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

Google Apps allows you to be productive anywhere. For example, you may want to check your email or work on a document in a coffee shop, airport or hotel using a public wireless network. Google Apps protects your data in these situations by establishing an encrypted connection while you work. Without it, an unauthorized person could potentially hijack your session and gain access to your account. Using an Internet standard known as HTTPS, we encrypt your data as it travels from your browser to our servers. This makes it much harder for an imposter to access your account this way. We’ve supported encrypted connections from the day Google Apps launched over five years ago, and we made it the default setting for all users at the beginning of last year.

October is National Cyber Security Awareness Month and we’ve introduced a new Google Security center with more information on encrypted connections and other ways you can stay safe online.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

We believe our customers should have lots of visibility into how we protect the data that is stored in Google Apps. And while it’s one thing for us to tell you how we protect the data, as we do in our blog posts and security white paper, it’s also helpful when independent third parties perform inspections and audits.

Cloud computing companies use the SSAE 16 Type II audit, and its international counterpart ISAE 3402 Type II audit, to document and verify the data protections in place for their services. These auditing standards are defined by the American Institute of Certified Public Accountants (AICPA) and the International Auditing and Assurance Standards Board (IAASB), respectively. These audit standards have replaced the SAS 70 Type II audit, which Google Apps first completed in 2008. In our audits, we specify the confidentiality, integrity and availability controls that our customers are most concerned about, which are then verified by our auditors. We recently announced that we’ve successfully completed the SSAE 16 and ISAE 3402 Type II audits for Google Apps, Postini services, Google Apps Script, Google Storage for Developers and Google App Engine.

Google Apps for Government has also received Federal Information Security Management Act (FISMA) certification from the U.S. Government. The FISMA certification includes a rigorous evaluation of the security processes and data protections in place in Google Apps for Government and is required by U.S. federal government customers, who must comply with FISMA by law.

Third party audits are only part of the security and compliance benefits of Google Apps. For more information visit our Google Apps security page.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

People expect their email and productivity tools to just work, and we’re very proud of the reliable services we’ve been able to give our customers. Last year, Gmail was up and running 99.984% of the time, and in the first half of 2011 we’ve delivered 99.99% availability—that’s less than 5 minutes of downtime, on average, per month.

But we aren’t perfect, so providing you with information on how our apps are performing is very important to us, and we’re committed to being transparent with you in the event that something goes wrong.

To this end, we’ve developed a new Apps Status Dashboard that we believe will give you accurate information faster. The former day-by-day design will be replaced by the new dashboard which gives a more clutter-free status with a single, continuous timeline.

The new dashboard shows only service disruptions and outages. The size of the dot will indicate the length of outage and the color will indicate the severity. The dot to the left of the service name will show the current status of the service.


When you click on one of the yellow or red dots in the timeline, you’ll see a single transcript that will display all the status messages until final resolution—even if the outage spanned more than a single day. There will now be a single URL that describes the issue and resolution for the entire outage.


As before, the dashboard is visible to everyone on the web—there’s no username or password required. We hope you’ll find this new presentation of Google Apps status to be even more accessible and useful, and please share your feedback in the comments below.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

Technology failures and natural disasters can significantly impact your business. Planning for them can be cumbersome and expensive. In a typical on-premise IT environment disaster recovery often means redundant infrastructure, backup tapes or storage area networks and a lot of IT complexity. Some businesses even build and manage duplicate data centers, specifically for disaster recovery, and those data centers sit idle the majority of the time.

The effectiveness of a disaster recovery plan is commonly measured in two ways: Recovery Time Objective (RTO) and Recovery Point Objective (RPO). RTO measures how long before users can access systems in the event of a failure. RPO measures how much of a time gap exists when the data is restored. Businesses that have invested lots of time and money in disaster recovery preparation are typically able to set RTO and RPO goals at a few hours or less for critical systems, with the cost increasing as those timeframes decrease. For other businesses that haven’t invested at that level, RTO and RPO can stretch into hours or days. And in extreme cases, if disaster strikes, some businesses just have to start over.

Google Apps offers a better way, with robust disaster recovery capabilities built right in. Our RPO design target is zero data loss and our RTO design target is instant failover. This means that if there is a disaster or disruption that affects one of our data centers, we are able to shift users to an alternate data center, so they can continue working uninterrupted. And while no disaster recovery solution from any provider is perfect, we are proud of the benefits our customers gain.

In the words of Mark Switalski, Macomb County Circuit Court Chief Judge, and Carmella Sabaugh, Macomb County Clerk:

“We know that when a disaster happens, our system will not go down and because our data is in the cloud, it is protected and accessible from anywhere. After a rare tornado hit last summer, briefly disrupting power and some network services, the clerk’s Google service remained accessible via cell phone and other networks.”

Planning for disasters is a big challenge, but with Google Apps you have fewer things to worry about. Your email and documents will be accessible so your business can continue despite the disaster. It’s one of the main reasons that businesses trust Google Apps with their data.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

We recently announced that more than 4 million businesses run on Google Apps and 5,000 more are signing up every day. Many of these businesses “go Google” for enhanced security features. One example is 2-step verification, an opt-in security feature that we added to Google Apps last year.

2-step verification adds an additional layer of protection to your account and significantly reduces the risk of unauthorized access. With 2-step verification, you sign into your account with both your password and a one-time verification code you get on your phone. You can generate the code with a mobile app (on Android, iPhone and Blackberry), or get it in an SMS text message or a voice call.

This feature helps ensure that only you can sign in to your account. It also helps protect you if your password gets stolen via phishing attempts, keyloggers or other malicious software, or from another website where you might have used the same password. Without the verification code, hackers can’t access your Google Apps account—even if they have your password.

While two-factor authentication is not a new concept, many businesses have historically struggled with deploying it due to cost, IT complexity and usability issues associated with requiring users to carry separate token generators. Google Apps includes 2-step verification at no additional cost, using existing phones to make it simple and easy to deploy. It’s available in over 40 languages and in more than 150 countries.

We also support Security Assertion Markup Language (SAML)-based Single Sign-On (SSO) for businesses that already use separate authentication technologies and would like to continue using them. Google Apps for Business supports the SAML 2.0 specification and allows businesses to apply custom security features, password management policies, and their own two-factor authentication solution. This SSO capability is an alternative to the 2-step verification feature that is included with Google Apps.

Protecting your accounts with strong authentication mechanisms is a great way to help ensure your information remains safe online. If you are an existing customer, you can easily configure 2-step verification, once your administrator has enabled the feature for your domain.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

In the previous post in this series, we described how Google’s cloud data centers are designed and built to protect the data that customers store in Google Apps. One of the benefits of this architecture is that our customers don’t have to maintain the systems that run Google Apps, we do it for them. This reduces both costs and risks for our customers.

One of the risks organizations face comes from malicious software (a.k.a. “malware”) that attempts to exploit vulnerabilities in operating systems and applications. As vulnerabilities are exposed, technology vendors issue patches to fix them in what has become a seemingly never-ending routine. This can be costly and time consuming as it becomes a race to patch vulnerabilities before they’re exploited. When organizations support multiple versions and types of operating systems and applications, the challenges increase rapidly. Using Google Apps eliminates servers and reduces the number of applications that need to be patched, which helps reduce risk.

Customers such as Brian Hobbs, IT Director for Hunter Douglas, have this to say about patch management in Google Apps: “The company saves money but even more importantly, I save time in administering licenses, installations, security patches, and training.”

Many organizations that I talk to describe how they have developed a proficiency in deploying patches in their legacy environments. They’ve done so out of necessity - there really was no choice. But these proficiencies carry high costs in terms of human resources and 3rd party patch management systems. Google Apps allows organizations to change this mindset and reduce the number of IT resources and 3rd party systems dedicated to the patch management process.

Andrew Murrey, Vice President of IT Infrastructure at Cinram North America, had this comment: “we calculated that we could be saving 60% on email alone by moving to Google Apps for Business – a clear winner when it came to price per user – but we also knew we’d save serious time on IT management, freeing my team up to do more strategic work.”

IT security professionals often ask me how we address patching. In our data centers we take a different approach to patch management. Rather than many different types of systems, we have a very homogeneous architecture that allows us to be highly efficient in deploying patches. The data center machines are specifically designed and identically configured in ways that reduce the potential number of vulnerabilities within our systems compared to traditional on-premise, so called “private cloud” and hybrid technologies. When a patch is required, our architecture allows us to deploy it very quickly across all our systems. And it’s seamless and invisible to our customers, which allows them to take a different approach to patch management as well: one that reduces risk and cost.

In the next post in the series we’ll look deeper into strong authentication. In the meantime, for more information about the data protections in place for Google Apps, please visit our Google Apps Trust page.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

When users think of Google Apps, they often think of their Gmail inboxes or collaborating on documents in real time with others. They often don’t think of what’s going on behind the scenes. Our cloud computing data centers offer our customers scalability and reliability across all of our products and websites, supporting millions of businesses on Google Apps and over 1 billion Internet searches every day. Our pure and proven cloud offers Apps customers significant data protections that would be hard for those customers to achieve on their own. It’s also the infrastructure that we use to run our own business.

As we’ve grown, we’ve developed an expertise around building data centers and protecting the data stored in them. The machines in the data centers that run our applications are built to our own specifications, including ones focused on security. The hardware is limited to what is necessary for the applications to run, and eliminates unnecessary components such as peripheral connectors or video cards. Similarly, the software that we run on the machines is a specialized, stripped-down version of the Linux operating system leaving out any unnecessary software code such as device drivers. This approach helps provide a computing environment that is less prone to vulnerabilities, compared to typical on-premise, so called “private cloud” or hybrid IT environments.

The services we offer are first and foremost Internet-based applications and platforms. We were born on the Internet, not on a single computer or server. We've published some of our core underlying technologies such as BigTable, the SPDY protocol, Google File System (GFS) and MapReduce, the last two of which have gone on to inspire Hadoop, the Apache open source framework that underpins many leading cloud or big data applications. Googlers Luiz André Barroso and Urs Hölzle even wrote a mini-book about some of Google’s approaches, entitled “The Datacenter as a Computer: An Introduction to the Design of Warehouse-Scale Machines”.

Lots of users leads to lots of network traffic that allows us some significant advantages in terms of security. For instance, the spam filtering in Gmail gains rapid visibility into emerging and evolving spam and virus threats, which in turn helps us to block the vast majority of them. This kind of large scale Internet infrastructure also typically provides better protection from denial of service type attacks. It also puts us in a position to spot malicious traffic and help protect users from malware.

Unprecedented global scale would not matter without the ability to reliably deliver business critical services. That is another powerful feature of Google’s technology and process discipline. We’ve built our platform to withstand expected hardware failure, relying on software and highly automated processes in order to support a 99.9% uptime SLA that has no maintenance window. In 2010 Gmail uptime was 99.984% and we are over 99.99% for the first half of 2011. This is an approach you fundamentally can’t take with traditional on premise IT systems.

Running data centers at this kind of scale takes energy, but as a carbon-neutral company we strive to use as little as possible - in fact, our facilities use half the energy of a typical data center. You can read more about our efficiency efforts and our approach to purchasing renewable energy.

In just the 4.5 years I’ve been at Google, I’ve seen quite a few generational changes in the kit we run, be it “simple” things like sheet metal for servers to something more complex like our motherboards, or something even more fluid and complicated like our various software layers. Through all those upgrades, build outs, and migrations, the focus on reliability remains. This is something that keeps me coming back to work day after day, and drives me to help others understand the value we can add to protecting their data and powering their businesses.



Editor's note: This post is part of a series that explores the top ten reasons why customers trust Google with their business data. A complete top ten list can be found here.

One of the myths surrounding cloud computing is that you lose control of your data when it’s stored in the cloud. In fact, the opposite is true. When information is stored in Google Apps, administrators have access to management tools that give them the visibility and control they need without having to manage IT infrastructure. The Google Apps control panel offers a host of management tools, and over the past year alone we’ve added capabilities that let administrators manage multiple domains, configure specific administrative roles, and set user policies, to name a few (a complete list is here).

Starting today, the Google Apps control panel will also provide access to an audit log which permits an administrator to view details of administrative changes that have been made to their Google Apps domain. Some examples are:
  • Changes made to users, aliases and organizations
  • Changes made to various application settings in Gmail, Google Docs
  • Changes made to mobile settings
  • Changes in delegated administration



To save administrators time and make it easier for them to find reports, we’ve also moved the reporting section (including the audit log) to the top-level of the Control Panel. This section is now immediately visible within the Control Panel.

Debbie Farley, a Business Analyst with Caraustar, Inc. comments: “The Admin Audit capability provides our company with insight into key administrative tasks such as who is creating users and changing passwords. We also appreciate the new location of the Reports tab. It makes it easy to get to the audit log.”

David Cifuentes with Eforcers.com added, “With the Admin Audit feature we were able to gain visibility into changes that are taking place in the admin panel of our Google Apps domain, in a very easy and informative way. It even displays the changes that have happened months ago, letting us filter by action, date and administrator. The ability to export the information in a file was also helpful, in order for us to analyze the data deeper outside the panel.”

These reports are available today to users of Google Apps for Business, Education and Government. Together with other Google Apps APIs these tools give administrators the visibility and control they need to effectively manage their Google Apps instances.





Over three million businesses have moved to Google Apps, and several factors have driven this transition. While improved productivity and cost savings have long been at the top of the list, more and more customers are choosing Apps for its security and reliability benefits. Our pure and proven cloud is designed to protect our users’ data and deliver reliability at levels that are very difficult or impossible for many organizations to achieve on their own. Even on-premises, so called “private cloud” and hybrid technologies are challenged to deliver the data protection and reliability that comes with Google Apps.



Here are the top 10 data protection and reliability advantages that we hear about most frequently from customers (in no particular order):



1. Powerful administration tools give you control of your data

When business data is stored in Google Apps, administrators have powerful tools to help them manage things like users, documents and services. Reports also provide visibility into how the applications are being used and what data is in them so that administrators have the control they need without having to maintain the infrastructure.



2. Pure and proven cloud architecture

Our datacenter server infrastructure is specifically designed and built for our applications and does not include unnecessary hardware or software code such as peripheral ports or device drivers. This reduces the number of potential vulnerabilities that could be targeted.



3. Patch management

Downloading, testing and deploying patches has become a significant pain for many IT departments. Google Apps reduces this pain because there are no servers for customers to patch. We manage the servers and take care of all updates.



4. Strong authentication

Google Apps includes 2-step verification for all user accounts - at no additional charge. Businesses and organizations can easily deploy an extra layer of protection for their user accounts using devices they already have. This makes strong authentication available to many organizations that did not have it before. Google Apps also integrates with existing Single Sign On (SSO) mechanisms via open standards.



5. Disaster recovery

Google Apps offers robust disaster recovery capabilities which are commonly measured by Recovery Time Objective (RTO) and Recovery Point Objective (RPO). RTO measures how long before users can access systems in the event of a failure and RPO measures how much of a gap there is in the data when it is restored. Google Apps is designed with RTO and RPO goals of zero. Emails, documents and data are saved every few seconds and replicated in multiple data centers. This means that if one of our data centers becomes unavailable, we seamlessly switch the user to another data center and because it has been replicated there is no loss of data and users can continue working uninterrupted.



6. Third party verifications

Google Apps and our data centers are SSAE 16 Type II audited and have achieved the U.S. Federal Government’s FISMA certification. SSAE 16 is an auditing standard where a third party auditor evaluates the controls in place for numerous areas including physical and logical security, privacy, incident response and more. The Federal Information Security Management Act or FISMA is the law defining security requirements that must be met by all US Federal government information systems. While FISMA certification is required for U.S. Government agencies, it is also a strong validation in the private sector of the technologies and processes we use to protect the data in Google Apps.



7. Information security expertise

We employ an information security team of over 250 people with a wealth of expertise not found in most organizations. Many have advanced degrees and are thought leaders in information security. The security team regularly publishes research and contributes open source tools to the security community. They monitor our global network of datacenters and applications 24x7x365.25 (they don’t rest on leap years).



8. Secure connections for users

We automatically encrypt browser sessions for Google Apps users without the need for VPNs or other potentially costly and cumbersome infrastructure. This helps protect your data as it travels between users’ browsers and our data centers.



9. High availability

Google Apps has zero maintenance windows or planned downtime. While we offer a 99.9% uptime SLA, Gmail exceeded this guarantee in 2010 and achieved 99.984% uptime. We did this while delivering more than 30 new features and adding tens of millions of users. The status of Google Apps is visible to administrators and users on our publicly available status dashboard.



10. Reduced risk of data breach

Google Apps allows users to work securely on their data wherever they are, using a wide range of devices. The data is stored centrally in Google’s cloud which greatly reduces the need for users to take their data with them using USB drives or similar devices, which can be easily lost or stolen. This can help reduce the risk of a data breach, something that is on the mind of many organizations these days.



Over three million businesses trust Google to protect the data they store in Google Apps and make it reliably accessible. Over the next few weeks we’re going to dive deeper into each one of these areas to provide more details why Google Apps customers trust us with their business data.