What You Need to Know About Google’s New Security Certification

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
June 5, 2012

It’s taken the cloud computing world by storm – Google just earned a new security certification for its cloud computing platform Google Apps for Business.  You may have heard that Google Apps for Business now has ISO 27001 certification, but what does this really mean?
ISO 27001 security certification is among the most internationally accepted independent security standards.  Specifically, this certification is a security standard that falls under an Information Security Management System (ISMS).  In order to achieve this standard an organization must satisfy three requirements.  First, its information security risks must be evaluated and any impacts, threats, or vulnerabilities must be taken into account.  Second, the organization must set into motion a working set of information security controls as well as risk treatment methods to combat any risks that might be found unfavorable.  Finally, it must put in place a management system to ensure that all of the information security controls currently in place continue to meet all of its future security needs.

But simply saying that it satisfies these requirements does not automatically certify an organization.  To officially earn ISO 27001 certification, the organization must complete a difficult auditing process.  The audit includes an initial, informal audit, a more formal compliance review that is much deeper in scope, and multiple follow-up reviews to guarantee that the compliance with ISMS standards is continued.

On May 28, Google announced that it had successfully completed the certification process for the technology, process, systems, and data centers serving Google Apps for Business.  With the seal of approval from the ISO certification body Ernst & Young CertifyPoint, Google Apps for Business officially earned its new, higher security certification.

Now that you know what Google’s new certification is, what does it actually mean for Google Apps and businesses?  Quite simply, the answer is that it means a lot.

When Google first entered the cloud computing market in 2006 there were a great deal of concerns, especially in the business world, about the security of cloud networks.  Although these trepidations have decreased significantly since the launch of Google Apps, they are still present among some large businesses and corporations.

However, Google Apps for Business’ new ISO 27001 certification should help allay any lasting doubts that businesses have about the security their data would be afforded if they were to move to the cloud with a Google Apps migration.

This new realization is especially the case as an increasing number of businesses migrate to the cloud.  While mobility and reliability have always been major factors in the cloud computing trend, security is now moving to the top of the list as well.  Especially in light of Google’s new certification, businesses are beginning to understand that Google has the ability to invest in security on a much larger scale than a single business can.

The new ISO 27001 certification, when looked at with Google Apps for Goverment’s FISMA certification and SSAE 16 / ISAE 3402 audits, should prove to customers that Google is seriously committed to operating on a robust ISMS, says Eran Feigenbaum, Director of Security for Google Enterprise.

Looking forward, Google Apps for Business’ new ISO 27001 certification should prove a great asset to the cloud platform, attracting even more large businesses and dispelling any doubts about cloud security.

Cloud Sherpas is a leading cloud service provider and was named the “Google Enterprise 2011 Partner of the Year.” As one of the first Google Enterprise partners, Cloud Sherpas has migrated over one million users across a variety of industries from legacy, on-premise messaging systems to Google Apps, helping organizations adopt cloud computing to innovate and dramatically reduce their IT expenses. A Google Apps Reseller in Atlanta, GA, Cloud Sherpas has regional offices in locations including San Francisco, New York, Chicago, Austin and Sydney, and has more Google Apps Certified Deployment Specialists than any other partner in the world.

You may also like...

  • ISO 27001 Specialist

    ISO 27001 certification is only relevant to a specific customer. Without access to the certification criteria and knowledge of the actual scope we remain clueless as to whether this claim has any value