How Google ensures the safety of your data

With new technologies and services arising every day, more and more people are worried about the safety of their data. While some people already gave up on their right to privacy, others are fighting for it. Let's look at how Google deals with this issue.

According to PWC (2017), consumers are concerned about cybersecurity and privacy implications of several developing technologies. More than half of them consider Artificial Intelligence (AI) and the Internet of Things (IoT) as a potential threat to their privacy. Also, 49% of consumers interviewed see Machine Learning (ML) as a risk to their data safety.

At this year's Google Cloud Next, Thomas Kurian, current CEO of Google Cloud, assured that data wouldn't be passed along to third parties without the agreement of the respective party. But to ensure data security is in place, consumers need specific technologies to be satisfied. Therefore, Google implemented different mechanisms to secure the data stored and saved on its Cloud. All these structures are based upon six principles Google applied in their work.

The six principles Google works upon

1. In everything Google does security comes first, and you as a customer will be notified first if your data is in danger of misuse.
2. All the data will be processed under the guidance of the customer so they have full control over their own data.
3. Google Cloud clients' data will not be used for advertising.
4. The customer knows exactly where the data is stored at any time. The Google data centres are accessible, resilient and secure, and their location is published.
5. Google’s security practices are verified and validated by independent auditors so customers can be sure of the quality of implemented methods.
6. Governments will be given access to customer’s data only if those agree beforehand.

Google Cloud Infrastructure

Google’s network delivers around 25% of internet traffic. That is why infrastructure security is an important aspect to consider. So how does Google ensure infrastructure safety to avoid data misuse on the way? To cover every aspect of it, let us have it explained through an example.

Whenever you are uploading a piece of data to one of Google Cloud’s services, it happens quickly. But behind the visible user interface, the data is being protected through different means.

Encryption of the file and Google’s backbone network

The file that is uploaded is being encrypted in transit so pernicious third parties can't read it. All connections to a Google network are being processed through front end servers that terminate the connection and provide encryption through an HTTPS protocol. The front end also directs the request to the right service. The file might now travel to another location through a Google-owned undersea cable which is protected against any disruption as well. Google possesses one of the biggest backbone networks in the world.

Safe data storage

Once transferred to the Cloud, the file will be stored on one of Google's servers. All customer content that is stocked by a Google Cloud service is encrypted at rest by default. The file is then first chunked and broken up into pieces. Each chunk will be enciphered with its data encryption key.

Re-encryption of the files

Furthermore, each key is wrapped using a key encryption key which is centrally stored. The enciphered chunks and their keys are being scattered across the storage infrastructure for reliability and security and if the file gets updated a new key will be used to re-encrypt it. Now, if hackers want to access the data, they do not only need to access all keys but also to the pieces of the file which are spread across multiple servers.

Titan security chip and data centres

Of course, Google's servers protect the file as well. They own the hardware and the software to have complete control over the infrastructure. Moreover, Google's servers contain a custom Titan security chip which helps to ensure that no unauthorized device or software operates on Google's network. If everything works as expected, the machine goes online and is ready for action.

The servers are located in Google-owned data centres worldwide. Those, on the other hand, are secured by metal detectors, access cards, biometric scanners, large fences and a 24/7 surveillance.

Daily, millions of files are being uploaded to the Google Cloud, and this is how they are protected. If you want to know more about the topic or our day-to-day work with the Google Cloud and our partnership with Google contact and follow us here or on social media.