Page 14 - google-cloud-security-and-compliance-whitepaper
P. 14
like alien and zombie invasions.
Our highly redundant design has allowed Google to achieve an uptime of
99.984% for Gmail for the last years with no scheduled downtime.
Simply put, when Google needs to service or upgrade our platform, users
do not experience downtime or maintenance windows.
Service availability
Some of Google’s services may not be available in some jurisdictions.
Often these interruptions are temporary due to network outages, but
others are permanent due to government-mandated blocks. Google’s
Transparency Report also shows recent and ongoing disruptions of traffic
to Google products. We provide this data to help the public analyze and
understand the availability of online information.
Independent Third-
Party Certifications
Google’s customers and regulators expect independent verification of
our security, privacy, and compliance controls. In order to provide this, we
undergo several independent third-party audits on a regular basis. For each
one, an independent auditor examines our data centers, infrastructure, and
operations. Regular audits are conducted to certify our compliance with the
auditing standards ISO 27001, ISO 27017, ISO 27018, SOC 2 and SOC 3, as
well as with the US Federal Risk and Authorization Management Program
(FedRAMP). When customers consider G Suite, these certifications can help
them confirm that the product suite meets their security, compliance and
data processing needs.
ISO 27001
ISO 27001 is one of the most widely recognized and accepted independent
security standards. Google has earned it for the systems, technology,
processes, and data centers that run G Suite. Our compliance with the
international standard was certified by Ernst & Young CertifyPoint, an ISO
certification body accredited by the Dutch Accreditation Council (a member
of the International Accreditation Forum, or IAF). Our ISO 27001 certificate
and scoping document are available in here.
10
