Security, privacy top priority for Google: Feigenbaum

Despite Google Australia receiving a `please explain’ letter from the Privacy Commissioner about accidental Wi-Fi data collection this year, the search engine giant’s enterprise director of security, Eran Feigenbaum, is at pains to reassure customers that the company is committed to security and privacy.

Speaking to CSO Australia during the AISA National Conference 2012, Feigenbaum said that the company was becoming more transparent about what it did with customer data.

AISA 2012: Software assurance critical for security

“We’ve gone with things like the transparency report which shows how many requests we get from government entities for users’ data and what percentage of those we comply with,” he said.

“Just because we get a request [from a government entity] doesn’t mean we comply with it.”

In 2011, the company went through what Feignbaum referred to as privacy and policy restructuring. “Each [Google] product used to have its own privacy policy and now we have one privacy policy for all of Google,” he said.

Turning to the people, processes and technology of Google, Feigenbaum said the company employs 300 people in its security group whose priority is to secure customer data.

“With people come lots of tremendous advantages,” he said. “You know the latest trends, you’re monitoring the hacker boards and you know which new vulnerabilities are coming out.”

While Feigenbaum may be enterprise director of security, he is not exempt from having his IT projects analysed by Google’s security group.

“Before a single code gets written, it goes through security reviews, design reviews which are looking at all of the different attack surfaces that product could be exposed to and making sure they are all mitigated,” he said.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.