Google Cloud employs a comprehensive, multi-layered physical security strategy at its data centers, designed to protect customer data through a combination of advanced technology, strict access controls, and rigorous operational procedures.
Mind Map
Click to expand
Click to explore the full interactive mind map • Zoom, pan, and navigate
[upbeat music]
Wong: Hi, I'm Stephanie Wong, and I work for Google Cloud.
While I could talk all day about cloud security,
physical security at a Google data center
is still pretty new to me,
so today I'm on a mission to learn all about it
by taking an inside look at the systems in place
that protect customer data
at a typical Google data center. Let's go.
[upbeat music]
Now, I've been told there are six layers of security here.
Security layer one refers to the property boundaries,
and that includes signage and fencing.
But things really start to get interesting
when it comes to layer two, also known as the secure perimeter,
and that includes the main entrance gate which I am pulling up to right now.
[upbeat music]
Hey, how's it going? person: Good morning.
[upbeat music]
Wong: So layer two has a lot of security features
ranging from smart fencing to overlapping cameras
to 24/7 guard patrols and more.
I'm on my way to meet some experts
who are going to show me how it all works.
Hi, Joe.
Kava: Hi, Stephanie, how are you?
Wong: So I just passed the main gate and I saw guards and cameras,
but what are some things that I didn't see?
Kava: Yeah there's actually a lot of technology
and operations going on behind the scene.
So from the time that you're on site,
we know that you're here,
and we're able to do correlation analysis
of where you've been.
We have guards in vehicles, we have some guards on foot.
There's also the vehicle crash barrier.
That's designed to stop a fully loaded truck
from crashing through the front entrance.
Wong: Ricky, Tarik, can you tell me more about what's unique about the fencing?
Gordon: This particular fence is an anti-climb fence.
It's also equipped with fiber. The technology tells us
if someone's near the fence or touches the fence.
Billingsley: So we use thermal cameras and standard cameras.
So we're able to see video footage at night
just as clearly as we can during the day.
[light electronic music]
Wong: Welcome to layer three, building access.
But just so you know, I am still nowhere near
the data center floor.
That's a few more layers deep. Let's head inside.
O'Brien: Stephanie. Wong: Hello.
O'Brien: So you've gotten through the gate, you've come in,
you've come in to our secure lobby.
You have your card, and we know that that's you,
but if someone happened to lose their card,
what we want to make sure is that it's actually Stephanie
who has shown up.
scanner: Please center your eye.
O'Brien: And with iris scan, we can authenticate
that it's actually you along with your ID.
Wong: Okay, I think it's good.
One thing that's a little hard to get used to
when you visit a data center is,
for secure areas, only one person
is allowed to badge through a door at a time.
[light electronic music]
Layer four includes the security operations center,
or SOC, a hive of activity that is monitoring the data center
24/7, 365 days a year.
[light electronic music]
So it sounds like we've been keeping them very busy today.
Davis: Yes, yes you have.
So the doors, the cameras, the badge readers,
the iris scan-- everything is connected here.
This is the brains of the security system.
So if there's anything out of the ordinary happening,
they have to be able to pick that up.
[upbeat music]
Wong: Interesting fact about layer five,
the data center floor:
less than 1% of Googlers ever get to set foot in here.
So right now, I'm feeling kinda special.
[upbeat music]
Kava: This is truly a as-needed only access area,
meaning that only the technicians
and engineers that have to be there
to maintain, upgrade, or repair the equipment
are ever allowed there.
Wong: And do Googlers or anyone have access to the data?
Kava: We have access to the devices, but the data at rest
is encrypted, and our customers can issue
and keep their own encryption keys,
and we do this because protecting the privacy
and the security of our users' data is our highest priority.
Wong: The mysterious layer six, where disks
are erased and destroyed and the fewest number of people
are allowed to enter.
Drives that need to be retired from the data center floor
come into this room through a secure two-way locker system
which means that only technicians assigned to this room
can pull them from that locker to either erase
or destroy them.
Henley: All right, welcome to the crusher room.
Wong: Wow.
Henley: So at this point, we have scanned the hard drive,
and the software has told us that we need to destroy it.
Wong: Can we see it in action?
Henley: Back up. Wong: All right.
I'll stay back here. [both laugh]
[mechanical whirring]
That disk is definitely destroyed.
Henley: Yes it is.
[upbeat music]
Wong: If you didn't think these six layers of security
were enough, Google Cloud actually has
two security testing programs in place.
One hires companies to try to break in
to data center sites from the outside,
and the other tasks Googlers with trying to break
security protocols from the inside.
And getting out of a data center is arguably even harder
than getting in, as everybody has to go through full metal detection
each time they leave the data center floor.
[upbeat music]
person: Thank you, ma'am, for your cooperation.
Wong: Thank you.
Google Cloud supports compliance
with over 40 global standards, regulations, and certifications,
and the commitment to constantly test, optimize, and improve systems
makes it a leader in data center security.
Now, how do I get out of here?
[upbeat music]
Click on any text or timestamp to jump to that moment in the video
Share:
Most transcripts ready in under 5 seconds
One-Click Copy125+ LanguagesSearch ContentJump to Timestamps
Paste YouTube URL
Enter any YouTube video link to get the full transcript
Transcript Extraction Form
Most transcripts ready in under 5 seconds
Get Our Chrome Extension
Get transcripts instantly without leaving YouTube. Install our Chrome extension for one-click access to any video's transcript directly on the watch page.
