Trusted infrastructure

Our cloud infrastructure doesn't rely on any single technology to make it secure. Our stack builds security through progressive layers that deliver true defense in depth.

Operational and device security

We develop and deploy infrastructure software using rigorous security practices. Our operations teams detect and respond to threats to the infrastructure from both insiders and external actors, 24/7/365.

Conceptual image of rows of people sitting at computer desks fronted by a locked wall with a Trojan horse on the other side.

Internet communication

Communications over the internet to our public cloud services are encrypted in transit. Our network and infrastructure have multiple layers of protection to defend our customers against denial-of-service attacks.

Central sphere connected to six devices on individual clouds.

Identity

Identities, users, and services are strongly authenticated. Access to sensitive data is protected by advanced tools like phishing-resistant security keys.

3 laptops are linked to 3 users in clouds with padlocks and security keys between them and access terminals

Storage services

Data stored on our infrastructure is automatically encrypted at rest and distributed for availability and reliability. This helps guard against unauthorized access and service interruptions.

Four networked databases

Service deployment

Any application that runs on our infrastructure is deployed with security in mind. We don't assume any trust between services, and we use multiple mechanisms to establish and maintain trust. Our infrastructure was designed to be multi-tenant from the start.

Sets of racked servers, some with speech bubbles above them

Hardware infrastructure

From the physical premises to the purpose-built servers, networking equipment, and custom security chips to the low-level software stack running on every machine, our entire hardware infrastructure is Google-controlled, -secured, and -hardened.

Sets of racked servers, with a bicycle next to one

Take a virtual tour of a Google data center

Data centers

Google data centers feature layered security with custom-designed electronic access cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, biometrics, and laser beam intrusion detection. They are monitored 24/7 by high-resolution cameras that can detect and track intruders. Only approved employees with specific roles may enter. 

Data center with lights on at dusk

Continuous availability

Infrastructure underpins how Google Cloud delivers services that meet our high standards for performance, resilience, availability, correctness, and security. Design, operation, and delivery all play a role in making services continuously available.

Our network

Google owns and operates one of the largest backbone networks in the world to connect our data centers. When your traffic is on our network, it no longer transits the public internet, making it less likely to be attacked, intercepted, or manipulated.