Incident management

We have a rigorous incident management process for security events that may affect the confidentiality, integrity, or availability of systems or data. If an incident occurs, the security team logs and prioritizes it according to its severity. Events that directly impact customers are assigned the highest priority. This process specifies courses of action, procedures for notification, escalation, mitigation, and documentation. Google’s security incident management program is structured around the NIST guidance on handling incidents (NIST SP 800-61). Key staff are trained in forensics and handling evidence in preparation for an event, including the use of third-party and proprietary tools. Testing of incident response plans is performed for key areas, such as systems that store sensitive customer information. These tests take into consideration a variety of scenarios, including insider threats and software vulnerabilities. To help ensure the swift resolution of security incidents, the Google security team is available 24/7 to all employees. If an incident involves customer data, Google or its partners will inform the customer and support investigative efforts via our support team.

Technology with Security at Its Core

G Suite runs on a technology platform that is conceived, designed and built to operate securely. Google is an innovator in hardware, software, network and system management technologies. We custom-designed our servers, proprietary operating system, and geographically distributed data centers. Using the principles of “defense in depth,” we’ve created an IT infrastructure that is more secure and easier to manage than more traditional technologies.

State-of-the-art data centers

Google’s focus on security and protection of data is among our primary design criteria. Google data center physical security features a layered security model, including safeguards like custom-designed electronic access cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, and biometrics, and the data center floor features laser beam intrusion detection. Our data centers are monitored 24/7 by high-resolution interior and exterior cameras that can detect and track intruders. Access logs,
Google Cloud Security and Compliance Whitepaper