The Impact Of Google’s ISO 27001 On Business

The Impact Of Google’s ISO 27001 On Business

Google has recently acquired an ISO 27001 security certification. This certification is provided by an independent body to companies that pass various security requirements. For a company to obtain the ISO 27001 certification, it must agree to be examined by an internationally recognized, independent body for information security risks. The body will check the company for threats, impacts, or vulnerabilities. Aside from examining information security risks, the body will also examine the company for information security controls. Such controls must be in place, together with fully functioning risk management measures. The methods are used to fight off any unacceptable risks. Another area which the certifying body will examine is the company’s management system. It will have to be assured that a system is in place in order to meet any information security requirements in the future.

Ernst & Young CertifyPoint audited Google for the purposes of ISO 27001 certification. An informal review was conducted in order to assess security risks and controls aside from the full in-depth audit. After the audit, various follow-up reviews were also made to assure that Google is implementing information security practices. On May 28 this year, Google Apps for Business was ISO 27001 certified. With the certification, businesses can now put their security concerns on Google Apps to rest, because it proves that Google has placed top priority on resolving information security issues.

With SSAE 16/ISAE 3402 audits as well as the FISMA certification for Google Apps for Government, Google can now brush off critics, for it is able to assure the public that it is highly committed to maintaining a high standard of security as well as its continuous evolution of security practices. Google is continuously undergoing other third-party audits to further stress this commitment.

Because Google is now certified, a business owner is now assured that their business data is safe and secure with Google Apps. Google has a commitment to keeping a customer’s data intact and safe from outside threats. Businesses can now trust Google to protect their data. The audit lasted for six months and the certification covers its technology, datacenters, processes, and systems used for cloud computing service applications. With the certification, Google is optimistic that it can draw large financial institutions as well as the public sector into using its services such as Gmail, Docs, and others.

Google took pains in obtaining ISO 27001 and SSAE 16/ISAE 3402 for its Google Apps in order to prove that their applications have the necessary security controls. While other providers obtain certification for their infrastructure and datacenters, Google took another step forward and had its personnel, code processes, and software certified. Although the certification is issued for Google Apps for Business only, Google claims that users of the standard free edition of the cloud suite and Gmail are also benefitted, because the core technology layer overlaps. However, Adam Swidler, Google Apps for Business senior manager, agrees that there is really no perfect security guarantee. But for Google Apps for Business, the security controls are industry specified and the public is free to check on such controls.

By Florence de Borja

Sorry, comments are closed for this post.

Comic
Three Tips To Simplify Governance, Risk And Compliance

Three Tips To Simplify Governance, Risk And Compliance

Governance, Risk and Compliance Businesses are under pressure to deliver against a backdrop of evolving regulations and security threats. In the face of such challenges they strive to perform better, be leaner, cut costs and be more efficient. Effective governance, risk and compliance (GRC) can help preserve the business’ corporate integrity and protect the brand,…

The Annual Compliance & Ethics Institute:  Hot Topics – Cyber Security, Big Data, Privacy Breach Response

The Annual Compliance & Ethics Institute: Hot Topics – Cyber Security, Big Data, Privacy Breach Response

Cyber Security, Big Data, Privacy Breach Response MINNEAPOLIS, Aug. 30, 2016 /PRNewswire-USNewswire/ — Cyber security, social media, modern slavery, anti-corruption, export controls and sanctions, and privacy top the list of “Hot Issues” compliance and ethics professionals face each day. These and many other compliance and ethics concerns will be addressed at the 2016 Compliance & Ethics…

Top 5 Digital Health Trends

Top 5 Digital Health Trends

Digital Health Trends It is very important to keep up with the changing technology. However, it is also just as important to advance the consumer experience, care delivery methods and create opportunities for career development for the healthcare workforce. Five trends that are proven to be effective in winning in the digital age have been…

Technological Advances In The Healthcare Industry

Technological Advances In The Healthcare Industry

The Healthcare Industry The use of smart devices in healthcare is expanding, and according to a report by Technavio the global smart wearable healthcare device and services market will show a compounded annual growth rate of over 18%. Thanks to modern medicine, lifespans are increasing, resulting in aging populations and a higher frequency of chronic…

How Secure Is Your School Campus Network?

How Secure Is Your School Campus Network?

School Networks School related networks are one of the most attacked sectors today, coming in third worldwide to healthcare and retail. Because of the ever growing threat of cybercrime, IT professionals everywhere aren’t thinking in terms of “what if our network gets attacked?” Now, they think in terms of “when will our network be attacked?”…

Multi-Cloud Integration Has Arrived

Multi-Cloud Integration Has Arrived

Multi-Cloud Integration Speed, flexibility, and innovation require multiple cloud services As businesses seek new paths to innovation, racing to market with new features and products, cloud services continue to grow in popularity. According to Gartner, 88% of total compute will be cloud-based by 2020, leaving just 12% on premise. Flexibility remains a key consideration, and…

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

The 80-20 Rule For Security Practitioners  Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards.…

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

Embracing The Cloud We love the stories of big complacent industry leaders having their positions sledge hammered by nimble cloud-based competitors. Saleforce.com chews up Oracle’s CRM business. Airbnb has a bigger market cap than Marriott. Amazon crushes Walmart (and pretty much every other retailer). We say: “How could they have not seen this coming?” But, more…

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence All businesses need a strategy and processes for governance, risk and compliance (GRC). Many still view GRC activity as a burdensome ‘must-do,’ approaching it reactively and managing it with non-specialized tools. GRC is a necessary business endeavor but it can be elevated from a cost drain to a value-add activity. By integrating…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Cloud Infographic – The Data Scientist

Cloud Infographic – The Data Scientist

Data Scientist Report The amount of data in our world has been exploding in recent years. Managing big data has become an integral part of many businesses, generating billions of dollars of competitive innovations, productivity and job growth. Forecasting where the big data industry is going has become vital to corporate strategy. Enter the Data…

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Cloud Computing – The Real Story Is About Business Strategy, Not Technology

Enabling Business Strategies The cloud is not really the final destination: It’s mid-2015, and it’s clear that the cloud paradigm is here to stay. Its services are growing exponentially and, at this time, it’s a fluid model with no steady state on the horizon. As such, adopting cloud computing has been surprisingly slow and seen more…

Cloud Computing Is Greener Than You Think

Cloud Computing Is Greener Than You Think

Cloud Computing Is Greener Than You Think Last week we touched upon how a project in Finland had blended two of the world’s most important industries, cloud computing and green technology, to produce a data centre that used nearby sea water to both cool their servers and heat local homes.  Despite such positive environmental projects, there…

Containerization: The Bold Face Of The Cloud In 2016

Containerization: The Bold Face Of The Cloud In 2016

Containerization And The Cloud “Right now, the biggest technology shift in the cloud is a rapid evolution from simple virtual machine (VM) hosting toward containerization’’ says the CTO of Microsoft Azure, Mark Russinovitch, a man who deals with the evolving cloud infrastructure every day. In his words, containerization is “an incredibly efficient, portable, and lightweight…

Are Women Discriminated Against In The Tech Sector?

Are Women Discriminated Against In The Tech Sector?

Women Discriminated Against In Tech Sector It is no secret that the tech industry is considered sexist since most women are paid less than men; there are considerably fewer women in tech jobs; and generally men get promoted above women. Yet the irony is twofold. Firstly, there is an enormous demand for employees with skills…

Disaster Recovery And The Cloud

Disaster Recovery And The Cloud

Disaster Recovery And The Cloud One of the least considered benefits of cloud computing in the average small or mid-sized business manager’s mind is the aspect of disaster recovery. Part of the reason for this is that so few small and mid-size businesses have ever contemplated the impact of a major disaster on their IT…