Security in Google Cloud

Google provides the world’s most advanced security that keeps more people safe online than anyone else. Our approach, developed over decades operating at a global scale, comprehensively protects your data. With our shared fate model, we work together with you as a team toward a common security and risk management goal. As a result, you can operate with confidence that threats and advanced attacks are minimized, detectable, and recoverable.

Securing and protecting your data rests on three key pillars: security by design, security by default, and security in deployment.

Contact us

Security by design

Our cloud services are designed to deliver better security than many on-premises approaches. The security of our infrastructure is designed in progressive layers to provide defense-in-depth and security capabilities are continuously engineered into our trusted cloud platform. 

Some examples of security by design are:

Read more about the design of our infrastructure

Security by default

Our security defaults provide multiple levels of complementary defenses designed to reduce your risk from configuration errors, as well as attacks. 

Our built-in automatic protections include:

  • Default security services that are part of our secure by design infrastructure such as default encryption for data at rest and in transit and DDoS protection
  • Default configurations for services such as compute and storage that limit public access
  • Advanced features like external and customer key management available across our products 
  • Hard points and guardrails that help mitigate risk from configuration errors
Learn more about our security controls and approach

Security in deployment

Google Cloud provides tooling and opinionated guidance so you can achieve and maintain your desired security, risk, and compliance posture.  

Capabilities to assist with secure cloud deployments include:

Learn more about our best practices
  • Assured Workloads: Create and enforce a controlled environment for your regulated workloads (including data residency, personnel controls, and service restrictions) with just a few clicks
  • Security Command Center: our native security and risk management platform to identify and resolve security misconfigurations and compliance violations in your Google Cloud assets 
  • Embedded controls to enhance the security of key Google Cloud services (for example, Confidential Computing and automatic DLP)
iron mountain logo
Google Cloud’s shared fate operating model allowed us (Iron Mountain) to reduce the number of controls we were responsible for to help achieve FedRAMP compliance. We were able to inherit key compliance and security controls that were configured by default, so we could focus on implementing additional controls we needed to support our specific business requirements.
Read the case study

Take the next step

Tell us what you’re solving for. A Google Cloud expert will help you find the best solution.

Contact sales
Google Cloud
send_spark
    DocsSupport
    • ‪English‬
    • ‪Deutsch‬
    • ‪Español‬
    • ‪Español (Latinoamérica)‬
    • ‪Français‬
    • ‪Indonesia‬
    • ‪Italiano‬
    • ‪Português (Brasil)‬
    • ‪简体中文‬
    • ‪繁體中文‬
    • ‪日本語‬
    • ‪한국어‬
    Console
    Sign in
    Start free
    Contact Us
    • Accelerate your digital transformation
    • Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.
    • Google Cloud products
    • Browse over 100 products. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage limits.
    • Save money with our transparent approach to pricing
    • Google Cloud's pay-as-you-go pricing offers automatic savings based on monthly usage and discounted rates for prepaid resources. Contact us today to get a quote.
    Google Cloud