There are a lot of myths about security in the cloud. Here are a few worth busting:
Unless you use your services to do so, Google does not share your data with other people (barring the very special cases covered in our privacy policy). In fact, Google doesn't sell, trade or rent any personally identifiable user information.
Google protects your data in transit over the internet with SSL encryption. Their large information security team constantly monitors their global network of data centers to keep your data safe when it is in their care. Admin and security controls passed a ISAE 3402 Type II audit and Google was the first Cloud based messaging and collaboration suite to achieve US FISMA (Federal Information Security Management Act) certification. You can also choose two-step authentication in addition to a password to make unauthorized access much harder.
Google keeps your data for as long as you have an account with them - but if you do want it continue they have tools to help you export your emails, diaries, contacts, documents and sites. You can, for example, export your documents to various Microsoft-compatible formats. Find out more at Google’s Data Liberation Front.
Google employees may not access the data in your account outside of extremely special circumstances for which they will still require your permission.
Our research has shown that most owners and managers of small businesses dangerously overestimate their current level of security. They don’t have recent back-ups and don’t secure them off-site (with Google Apps, data is automatically backed up in our global data centres, protecting it from accidental damage, loss, theft and fire). They don’t have a disaster recovery plan for when things go wrong And they don’t encrypt their valuable data (with Google Apps, all data is encrypted in transit and access is further secured by two-step authentication, meaning data is far more secure in our cloud than it would be stored locally on a laptop).