你要瀏覽的網頁目前並未提供你慣用的語言版本。你可以在頁面底部選取其他語言版本,或使用 Google Chrome 內建的翻譯功能,將網頁內容即時翻譯成所選的語言。

Security Assessment

To maintain the security of Google user's data, apps that request access to restricted scopes need to undergo an annual security assessment. This assessment verifies that the app can securely handle data and delete user data upon request. Upon successfully passing the security assessment, the app will be awarded a "Letter of validation" (LOV) from the security assessor, indicating its ability to handle data securely.

To improve and standardize our security assessment process, we implemented the App Defense Alliance and the Cloud App Security Assessment framework (CASA).

Key features of the security assessment framework:

  • Standardized requirements based on the OWASP's app Security Verification Standard (ASVS) allowing more automated testing and faster remediation.
  • Tiering: CASA adapted a risk-based, multi-tier assessment approach to evaluate app risk based on users count, scopes accessed, and other app specific items. Each project will fall under a specific tier.
  • Accelerator: The CASA accelerator is a tool that minimizes the checks you have to complete based on the certifications you have already passed.
  • Annual Recertification: All apps must be revalidated every year. The app tier can increase to a higher tier for the following year than what it was the previous year. Once an app has been validated at tier 3 it will continue to be validated at tier 3 level at each following year. 

When should I do a security assessment?

Security assessment of an app is the final step of the restricted scopes review process. Before initiating a security assessment of your app, it is important to complete all other verification requirements. If your app is requesting access to restricted scopes, the Google Trust and Safety team will reach out to you when it's time to start the security assessment process.

To learn more please refer to  CASA.


 

這對您有幫助嗎?

我們應如何改進呢?
Search
Clear search
Close search
Main menu
1041211577582851007
true
搜尋說明中心
true
true
true
true
true
95384
false
false