Go make it. we'll protect it.
Core to our mission is protecting yours. It’s why we focus on security from the beginning, so you can focus on achieving your goals.

Security Scenarios

Google Cloud solutions helps organizations address the most challenging security scenarios, drawing on what we’ve learned from protecting six global businesses with more than one billion customers.

Protect

Phishing

Phishing is an attempt to obtain sensitive information by sending email from spoofed addresses.

  • Email filtering with Gmail

    99.9% of spam and malicious email gets filtered out and never makes it to your employees’ inboxes. arrow_forward

  • Safe Browsing

    Chrome Browser displays warnings to deter your employees from visiting sites suspected of phishing or hosting malware. arrow_forward

  • Two-Step Verification (2SV) and Security Keys

    Even if an employee’s security credentials are compromised, 2SV helps prevent hackers from accessing the account without a physical security key. arrow_forward

  • Cloud Identity-Aware Proxy (Cloud IAP)

    Limit an attacker’s ability to access applications with granular identity-based controls. arrow_forward

Statistic Source: PhishMe “Enterprise Phishing Susceptibility and Resiliency Report” (2016)

Ransomware

Ransomware is malware that encrypts data on a user’s computer. Criminals demand payment to decrypt the data and restore access.

  • Safe Browsing

    Chrome Browser displays warnings to deter your employees from visiting sites suspected of hosting malware. arrow_forward

  • Sandboxing

    Chrome Browser prevents malware like ransomware from spreading across a user’s system by isolating the threat to one tab. arrow_forward

  • Chrome OS

    With each reboot, Chrome’s Verified Boot makes sure the OS hasn't been compromised. If malware is detected, it will revert back to the most recent version of the operating system. arrow_forward

  • Google Drive

    Drive’s desktop client, Drive File Stream, backs up local files, so “clean” versions of any infected files can be easily restored. arrow_forward

  • Security Partners

    Google partners with endpoint protection leaders like CrowdStrike and TrendMicro to provide additional layers of protection. arrow_forward

Statistic Source: Kaspersky Lab “Kaspersky Security Bulletin” (2016)

Denial of Service

A Denial of Service (DoS) attack is an attempt to render your service or application unavailable — for example, by flooding your application with an overwhelming volume of traffic.

  • GCP Global Load Balancing

    Google Cloud Platform’s robust, global infrastructure mitigates infrastructure DDoS attacks, such as SYN floods, IP fragment floods, and port exhaustion. arrow_forward

  • NEW GCP Armor

    Provides scalable defense against application-aware and multi-vector attacks using IP blacklists and whitelists, geo-based access control, SQL injection and XSS defense, and custom rules. arrow_forward

  • Cloud CDN

    In the event of DDoS attacks on cacheable content, requests are sent to POPs all over the globe to help absorb the attack. arrow_forward

  • Scaling to absorb attacks

    Multi-region application instances increase surface area to absorb attacks. Auto scaling handles traffic spikes seamlessly. arrow_forward

  • Third-party DDoS defense and WAF solutions

    Partner solutions available on Cloud Launcher integrate seamlessly into deployments and add specialized protection. arrow_forward

Statistic Source: Imperva Incapsula Survey “What DDoS Attacks Really Cost Businesses” (2016)

Control

Data Exfiltration

Data exfiltration is the unauthorized transfer of sensitive information from your organization by an external attacker or a malicious insider.

  • Cloud Data Loss Prevention (DLP) API

    DLP API discovers, classifies and protects sensitive data such as financial records and Personally identifiable information (PII) across your organization. arrow_forward

  • Cloud Identity & Access Management (IAM)

    Control which users can access data and resources. arrow_forward

  • NEW VPC Service Controls

    Isolate GCP resources from one another with fine-grained network policies. arrow_forward

  • Forseti Security + NEW Cloud Security Command Center ALPHA

    Forseti scans GCP resources to ensure that appropriate access controls are in place. Cloud Security Command Center provides centralized reporting of security events to spot potential threats to your data and applications. arrow_forward

Statistic Source: Ponemon Institute “2017 Cost of Data Breach Study”

Smart Access from Anywhere

Context-aware access combines information about users and data sensitivity to make intelligent access control decisions.

  • NEW Cloud Identity

    Manage user accounts, authenticate users, enable single-sign on, and manage devices. arrow_forward

  • Cloud Identity-Aware Proxy (Cloud IAP)

    Control access to applications and resources based on user’s identity and contextual attributes like location, network, and device status. arrow_forward

  • NEW Access Context Manager

    Create granular access control policies based on attributes like user location, IP address, and endpoint security status.

Statistic Source: TINYPulse “What Leaders Need to Know About Remote Workers” (2016)

Security Monitoring

Organizations need to see vulnerabilities, threats, and incidents in order to assess risks and prioritize corrective action.

  • NEW Cloud Security Command Center ALPHA

    Gather, integrate, analyze, and act on unified security information (e.g., scans, notifications, and third-party feeds) from a single dashboard. Integrate with leading third-party solutions from Cloudflare, CrowdStrike, Redlock, Palo Alto Networks, and Qualys to enhance security assessment and detection. arrow_forward

  • Cloud Security Scanner

    Find security vulnerabilities in your web applications during development before they’re deployed. arrow_forward

  • G Suite Security Center

    Monitor your G Suite domain for security threats. View security analytics and act on best practice recommendations. arrow_forward

Statistic Source: Ponemon Institute “Advanced Threats in Retail and Financial Services” (2015)

Comply

Independent Verification

Google regularly undergoes audits of our security, privacy, and compliance controls.

See all arrow_forward

Security Resources

Video icon

New research: How to evolve your security for the cloud

Article icon

Google Cloud’s Approach to Security: An Overview

Article icon

Google Cloud Security Whitepapers

Article icon

Security at Scale with Cloud Computing: A Minute in the Life of Google

Article icon

Google Cloud and the General Data Protection Regulation

Article icon

G Suite Security & Trust

Get Started

Work with Google

Tell us about your business, and our experts will help you build the right solution for your needs.

Work with a partner

Choose one of our global partners to integrate our services with your current security operations.

Find a partner

Interested in becoming a partner? Apply here.