For this assignment, you are asked to locate any company privacy policy. Some of the more popular ones might include GOOGLE, APPLE, or MICROSOFT, but you may elect to review another agency. In 3- 4 paragraphs, explain what you find to be the most interesting information contained in that privacy policy. At the end of your report, please include a LINK to the policy you have reviewed.

The most interesting information I found in this policy is that google maintain different teams for maintaining the security. These teams work together to address Google’s overall global computing environment and take care of hardware infrastructure.

Dedicated Information Security team responsible for maintaining the company’s perimeter and internal defense systems, developing processes for secure development and security review, and building customized security infrastructure.

It also has a key role in the development, documentation, and implementation of Google’s security policies and standards. Dedicated Global Internal Audit and Global Compliance Team take care of Global Compliance function that is responsible for legal and regulatory compliance as well as a Global Internal Audit function responsible for reviewing and auditing adherence to said compliance requirements, such as Sarbanes-Oxley and Payment Card Industry standards (PCI).

And one more team which is physical security team that is responsible for maintaining hardware infrastructure. Google also has interesting security policy i.e Restricting Access Control on all Assets.In this policy user cannot access the information which is suspected to have some kind of mistrustful. Authentication Controls,Google requires the use of a unique User ID for each employee.

This account is used to identify each person’s activity on Google’s network, including any access to employee or customer data. This unique account is used for every system at Google. Authorization controls, Authorization Controls Access rights and levels are based on an employee’s job function and role, using the concepts of least-privilege and need-to-know to match access privileges to defined responsibilities Accounting Google’s policy is to log administrative access to every Google production system and all data. These logs are reviewable by Google Security staff on an as-needed basis.

LINK to the policy---> https://static.googleusercontent.com/media/1.9.22.221/en//enterprise/pdf/whygoogle/google-common-security-whitepaper.pdf