Today we read up on how Google protects its data. Generally these apply to all Google Apps Products but we will compare it to Adobe Cloud Services Compliance Overview wherever appropriate. As one of the foremost software development companies, Google has a strong security culture. Its employees are some of the best, all employees get security training, there are dedicated security and privacy team and include internal audit and compliance specialists. They also collaborate with researchers and research community in this area. Their claim includes the assertion that their cloud services security are even better than many traditional on-premises solutions. They dogfood their own cloud services that they make available to their customers which include over five million organizations worldwide.
Security is an integral part of their operations. First, they scan for security threats using tools, they use penetration testing, quality assurance processes, security reviews and external audit. They also prevent, detect and eradicate malware using tools such as VirusTotal. Their monitoring program analyses internal network traffic and thwart botnet connections. They have a proprietary correlation system that also analyses logs. They have a rigorous incident management process for security events that affect the confidentiality, integrity or availability of systems of data. Any data corruption possibility is eliminated starting from the design board itself. This particular program follows the NIST guidance on handling incidents.
Google is notable for its innovative and custom-designed servers, proprietary operating systems and geographically distributed data centers. This embraces the "defense in depth" view. The datacenters are state of the art. Access logs and activity records are maintained. Every ciritical component has alternate power while minimizing environmental impact with proprietary "free-cooling" techniques. Google's IP network consist of their own fiber, public fiber, and undersea cables. This reduces hops.
Traffic is routed through Google Front End servers to detect and stop malicious requests and Distributed Denial of Service attacks.
Data is encrypted in transit, at rest and on backup media, moving over the internet or traveling between the data centers. They build redundancy into their server design, data storage, network and internet connectivity and even the software services. Their recovery point objective (RPO) target is zero and their recovery time objective (RTO) design objective is also zero through live or synchronous replication.
Their audits cover compliance standards such as ISO27001, ISO27017, ISO27018, SOC 2 and SOC 3 as well as the FedRAMP programs. Incidentally these are also covered by Adobe. Google meets law enforcement data requests for legal requests as long as they are issued as subpoena or other written forms. They took a step forward by starting to regularly publish such data requests as their Transparency reports.
#codingexercise
Security is an integral part of their operations. First, they scan for security threats using tools, they use penetration testing, quality assurance processes, security reviews and external audit. They also prevent, detect and eradicate malware using tools such as VirusTotal. Their monitoring program analyses internal network traffic and thwart botnet connections. They have a proprietary correlation system that also analyses logs. They have a rigorous incident management process for security events that affect the confidentiality, integrity or availability of systems of data. Any data corruption possibility is eliminated starting from the design board itself. This particular program follows the NIST guidance on handling incidents.
Google is notable for its innovative and custom-designed servers, proprietary operating systems and geographically distributed data centers. This embraces the "defense in depth" view. The datacenters are state of the art. Access logs and activity records are maintained. Every ciritical component has alternate power while minimizing environmental impact with proprietary "free-cooling" techniques. Google's IP network consist of their own fiber, public fiber, and undersea cables. This reduces hops.
Traffic is routed through Google Front End servers to detect and stop malicious requests and Distributed Denial of Service attacks.
Data is encrypted in transit, at rest and on backup media, moving over the internet or traveling between the data centers. They build redundancy into their server design, data storage, network and internet connectivity and even the software services. Their recovery point objective (RPO) target is zero and their recovery time objective (RTO) design objective is also zero through live or synchronous replication.
Their audits cover compliance standards such as ISO27001, ISO27017, ISO27018, SOC 2 and SOC 3 as well as the FedRAMP programs. Incidentally these are also covered by Adobe. Google meets law enforcement data requests for legal requests as long as they are issued as subpoena or other written forms. They took a step forward by starting to regularly publish such data requests as their Transparency reports.
#codingexercise
Print a binary tree vertically.
void PrintVertically(Node root)
{
int min = 0; int max = 0; int hd = 0;
FindLimits( root, hd, ref int min, ref int max)
for (int i = min; i <= max; i++){
PrintVerticalLine(root, i, hd);
Console.WriteLine();
}
}
void findLimits(Node root, ref int min, ref int max, int hd)
{
if (root == null) return;
if (hd < min) min = hd;
if (hd > max) max = hd;
findLimits(root.left, ref min, ref max, hd-1);
findLimits(root.right, ref min, ref max, hd+1);
}
void PrintVerticalLine(Node root, int i, int hd)
{
if (root == null) return;
if (hd == i)
Console.Write("{0} ", root.data);
PrintVerticalLine(root.left, i, hd-1);
PrintVerticalLine(root.right, i, hd+1);
}
No comments:
Post a Comment