This document gives an overview of how security is designed into Google’s technical infrastructure. This global scale infrastructure is designed to provide security through the entire information processing lifecycle at Google. This infrastructure provides secure deployment of services, secure storage of data with end user privacy safeguards, secure communications between services, secure and private communication with customers over the internet, and safe operation by administrators.
Google uses this infrastructure to build its internet services, including both consumer services such as Search, Gmail, and Photos, and enterprise services such as G Suite and Google Cloud Platform.
We will describe the security of this infrastructure in progressive layers starting from the physical security of our data centers, continuing on to how the hardware and software that underlie the infrastructure are secured, and finally, describing the technical constraints and processes in place to support operational security.
This document also touches on something I always find quite fascinating – Google is, actually, an incredibly successful hardware company.
A Google data center consists of thousands of server machines connected to a local network. Both the server boards and the networking equipment are custom-designed by Google.
I have no idea how many servers Google actually owns, but this could make them one of the biggest hardware companies in the world.
interesting reading. Quite impressive in my eyes.
About this many: https://www.ted.com/talks/randall_munroe_comics_that_ask_what_if
Their focus is very much on their security vs yours.
They still allow any device to connect to their office suite.. which is fine .. but is a gap in most organisations security model.
Here’s how they could fix it really easily as an optional control.
https://medium.com/@postenterprise/one-m-billion-dollars-f86ab141480…
I did in fact discuss this with some Google people ages ago but looks like buying came of it.