Stay organized with collections
Save and categorize content based on your preferences.
Privileged access at Google Cloud
Google Cloud systems are built with a focus on protecting your content
using controls and monitoring. Your content stored on Google Cloud
completely belongs to you. Occasionally, Google personnel might need to access
your content but these accesses are never without a valid business
justification.
Why Google personnel request access to Customer Data
The most common reason why Google personnel request access to
Customer Data is to resolve a customer support ticket.
If you create a customer support request, then a Google personnel might be
required to request access to your data. Access Transparency exists to provide
customers visibility into these accesses. Google provides various controls
to support the private of your data, regardless of whether Access Transparency is
enabled on an organization. For more information about these controls, see
Google infrastructure security design overview.
What is privileged access
Google personnel's access to your data to fulfill an obligation of providing
a contracted service is called privileged access. Access to your data
in Google Cloud is usually because of the following reasons:
You are accessing your own data.
A service you are using is accessing data on your behalf.
When requested to provide a contracted service, Google personnel acting as a
privileged administrator can access your data.
Foundational principles of privileged access management
Google Cloud's privileged access management strategy strictly limits what a
single Google staff member can view and do with your data. Google Cloud's
privileged access philosophy is based on the following principles:
Least privilege: Access to Customer Data is denied by default for all
Google personnel. When access is granted, it is temporary and no greater than
what is absolutely necessary to provide the contracted service.
Limit singular access to data: Singularly accessing Customer Data without
another individual involved is extremely difficult for any and every
Google personnel.
All access must be justified: By default, Google personnel don't have
access to Customer Data. Google personnel can access your data only with an
active, valid business justification. Google personnel can't access
Customer Data for justifications that are closed or where the Google person is
not a directly linked collaborator. For the list of valid business
justifications, see Justification reason codes.
Monitor and alerting: Monitoring and response processes exist to identify,
triage, and remediate violations of these principles.
Google Cloud products regularly undergo independent, third-party audits and
certifications to verify that their data protection practices match their
controls and commitments. For more information about how Google Cloud products
provide customers with transparency and control over their content, see the
whitepaper on Trusting your data with Google Cloud.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[[["\u003cp\u003eGoogle personnel may require temporary access to customer content, but only with a valid business justification, such as resolving a customer support ticket.\u003c/p\u003e\n"],["\u003cp\u003ePrivileged access refers to Google personnel accessing customer data to fulfill a contracted service, which is strictly limited and managed.\u003c/p\u003e\n"],["\u003cp\u003eGoogle Cloud's privileged access management is based on principles such as least privilege, limiting singular access, requiring justification for all access, and employing monitoring and alerting.\u003c/p\u003e\n"],["\u003cp\u003eAccess to customer data is denied by default for Google personnel, and any granted access is temporary and no greater than what is absolutely necessary.\u003c/p\u003e\n"],["\u003cp\u003eGoogle Cloud undergoes third-party audits to ensure data protection practices align with their controls and commitments.\u003c/p\u003e\n"]]],[],null,["# Privileged access at Google Cloud\n=================================\n\nGoogle Cloud systems are built with a focus on protecting your content\nusing controls and monitoring. Your content stored on Google Cloud\ncompletely belongs to you. Occasionally, Google personnel might need to access\nyour content but these accesses are never without a valid business\njustification.\n\nWhy Google personnel request access to Customer Data\n----------------------------------------------------\n\nThe most common reason why Google personnel request access to\n[Customer Data](/terms/service-terms) is to resolve a customer support ticket.\nIf you create a customer support request, then a Google personnel might be\nrequired to request access to your data. Access Transparency exists to provide\ncustomers visibility into these accesses. Google provides various controls\nto support the private of your data, regardless of whether Access Transparency is\nenabled on an organization. For more information about these controls, see\n[Google infrastructure security design overview](/docs/security/infrastructure/design).\n\nWhat is privileged access\n-------------------------\n\nGoogle personnel's access to your data to fulfill an obligation of providing\na contracted service is called *privileged access*. Access to your data\nin Google Cloud is usually because of the following reasons:\n\n- You are accessing your own data.\n- A service you are using is accessing data on your behalf.\n\nWhen requested to provide a contracted service, Google personnel acting as a\nprivileged administrator can access your data.\n\nFoundational principles of privileged access management\n-------------------------------------------------------\n\nGoogle Cloud's privileged access management strategy strictly limits what a\nsingle Google staff member can view and do with your data. Google Cloud's\nprivileged access philosophy is based on the following principles:\n\n- **Least privilege**: Access to Customer Data is denied by default for all\n Google personnel. When access is granted, it is temporary and no greater than\n what is absolutely necessary to provide the contracted service.\n\n- **Limit singular access to data**: Singularly accessing Customer Data without\n another individual involved is extremely difficult for any and every\n Google personnel.\n\n- **All access must be justified** : By default, Google personnel don't have\n access to Customer Data. Google personnel can access your data only with an\n **active** , valid business justification. Google personnel can't access\n Customer Data for justifications that are closed or where the Google person is\n not a directly linked collaborator. For the list of valid business\n justifications, see [Justification reason codes](/assured-workloads/access-transparency/docs/reading-logs#justification-reason-codes).\n\n- **Monitor and alerting**: Monitoring and response processes exist to identify,\n triage, and remediate violations of these principles.\n\nFor more information about Google Cloud's privileged access philosophy, see\n[Privileged access in\nGoogle Cloud](/docs/security/privileged-access-management).\n\nGoogle Cloud products regularly undergo independent, third-party audits and\ncertifications to verify that their data protection practices match their\ncontrols and commitments. For more information about how Google Cloud products\nprovide customers with transparency and control over their content, see the\nwhitepaper on [Trusting your data with Google Cloud](https://services.google.com/fh/files/misc/072022_google_cloud_trust_whitepaper.pdf).\n\nWhat's next\n-----------\n\n- To know more about Google Cloud's commitment toward protecting the privacy\n of Customer Data, see\n [Google Cloud and common privacy principles](/privacy/common-privacy-principles).\n\n- To learn about the core principles upon which controls that prevent\n unauthorized administrative access are based, see\n [Overview of administrative access controls](/assured-workloads/cloud-provider-access-management/docs/administrative-access).\n\n- To see the list of business justifications for which Google personnel can\n request to access customer data, see\n [Justification reason codes](/assured-workloads/access-transparency/docs/reading-logs#justification-reason-codes)."]]
