Security is often a deciding factor when choosing a public cloud provider. At Google, security is of the utmost importance. We work tirelessly to protect your data—whether it is travelling over the Internet, moving within Google’s infrastructure, or stored on our servers.
Central to Google’s security strategy are authentication, integrity, and encryption, for both data at rest and in transit. This paper describes our approach to encryption in transit for Google Cloud.
Google applies different protections to data in transit when it is transmitted outside a physical boundary controlled by or on behalf of Google. A physical boundary is a barrier to a physical space that is controlled by or on behalf of Google, where we can ensure that rigorous security measures are in place.
The goal is to achieve 100% encryption across our products and services. To this end, we publish an annual HTTPS Transparency Report that tracks our progress towards this our goal for all properties.