Information security is important to any business, and cloud security has concerned many businesses for years. Since Google first launched its cloud platform in 2006, it has worked to make Google Apps for Business as secure as possible. And on May 28, Google reached a new level in cloud security for businesses when it announced that Google Apps for Business had earned ISO 27001 security certification.
This announcement was not only big news for Google and for businesses, but also for cloud security. The ISO 27001 certification that Google achieved is part of an Information Security Management System (ISMS) and is one of the most internationally accepted independent security standards.
In order to achieve the ISO 27001 certification, Google had to meet specific requirements. Google opened itself for an assessment of its information security risks that made special note of impacts, vulnerabilities, and threats. There had to be operating risk treatment methods ready for use against unfavorable risks as well as a suite of information security controls and a management system prepared to meet ongoing security needs.
To determine whether or not Google met these requirements, Ernst & Young CertifyPoint conducted a three-part audit. First, the body conducted an informal review of the risks and controls associated with Google’s information security. This step was followed by a significantly more in-depth audit. To complete the process, Ernst & Young CertifyPoint did ongoing reviews to guarantee that Google continued its information security practices.
The process of earning this certification is not easy, but the result for Google was well worth the effort. Now, large businesses that had any lingering concerns about information security in the cloud should be more comfortable with the idea of a Google Apps migration, knowing the service is backed by an internationally accepted independent security standard.
Although Google making large security investments is not something new, this latest certification should bring the importance of cloud security to Google to the forefront. When people see Google Apps for Business’ ISO 27001 certification alongside Google Apps for Government’s SSAE 16 / ISAE 3402 audits and FISMA certification, Director of Security for Google Enterprise Eran Feigenbaum believes that there should be no doubt that Google has made security for its cloud platforms a top priority. To stress this idea and to further ensure users of the safety of their data, Google will continue to have third-parties audit its security controls.
In general, Google’s new, high-level security certification should put even the largest enterprises at ease with cloud security. Google made a huge investment in information security by undergoing the audit and meeting the requirements for ISO 27001 certification, and its efforts should prove that security in the Google cloud has surpassed expectations.
6 Comments
Leave a Reply
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Lakshmi Balu
June 12, 2012 at 8:03 am
Sweating out for a Google certification gets you your name and fame and value in the work you are doing. Cloud computing is often haunted by the hackers and the developers are paranoid than never owing to the cloud’s robust qualities. Cloud security certification is the need of the hour and thanks for the insight into this!
Mrfixblog
June 12, 2012 at 9:25 am
Thanks for the information on certifications. Cloud computing is the future of technology. data is to be saved on clouds. Sounds great. the stuff you have posted is useful and information.
TracyAnn0312
June 12, 2012 at 2:12 pm
I think that this is another excellent work by Google. They were one of the best when it comes in Internet searching. Thanks for sharing it.
carol
June 12, 2012 at 4:15 pm
Google has a great ideas for all certification.Google was the best not just for searching but also for certification.
Alec Farell
June 12, 2012 at 10:22 pm
Thank you for taking the time to explain ISO 27001 certification! When I saw that the almighty Google had to be tested in order to get this certification I realized how hard it is to take it.
James
June 13, 2012 at 10:41 am
This kind of information can prove so useful for any lay man too! It is written so nicely & explained descriptively! Well done! The ISO is detailed nicely!