The Impact Of Google’s ISO 27001 On Business

The Impact Of Google’s ISO 27001 On Business

Google has recently acquired an ISO 27001 security certification. This certification is provided by an independent body to companies that pass various security requirements. For a company to obtain the ISO 27001 certification, it must agree to be examined by an internationally recognized, independent body for information security risks. The body will check the company for threats, impacts, or vulnerabilities. Aside from examining information security risks, the body will also examine the company for information security controls. Such controls must be in place, together with fully functioning risk management measures. The methods are used to fight off any unacceptable risks. Another area which the certifying body will examine is the company’s management system. It will have to be assured that a system is in place in order to meet any information security requirements in the future.

Ernst & Young CertifyPoint audited Google for the purposes of ISO 27001 certification. An informal review was conducted in order to assess security risks and controls aside from the full in-depth audit. After the audit, various follow-up reviews were also made to assure that Google is implementing information security practices. On May 28 this year, Google Apps for Business was ISO 27001 certified. With the certification, businesses can now put their security concerns on Google Apps to rest, because it proves that Google has placed top priority on resolving information security issues.

With SSAE 16/ISAE 3402 audits as well as the FISMA certification for Google Apps for Government, Google can now brush off critics, for it is able to assure the public that it is highly committed to maintaining a high standard of security as well as its continuous evolution of security practices. Google is continuously undergoing other third-party audits to further stress this commitment.

Because Google is now certified, a business owner is now assured that their business data is safe and secure with Google Apps. Google has a commitment to keeping a customer’s data intact and safe from outside threats. Businesses can now trust Google to protect their data. The audit lasted for six months and the certification covers its technology, datacenters, processes, and systems used for cloud computing service applications. With the certification, Google is optimistic that it can draw large financial institutions as well as the public sector into using its services such as Gmail, Docs, and others.

Google took pains in obtaining ISO 27001 and SSAE 16/ISAE 3402 for its Google Apps in order to prove that their applications have the necessary security controls. While other providers obtain certification for their infrastructure and datacenters, Google took another step forward and had its personnel, code processes, and software certified. Although the certification is issued for Google Apps for Business only, Google claims that users of the standard free edition of the cloud suite and Gmail are also benefitted, because the core technology layer overlaps. However, Adam Swidler, Google Apps for Business senior manager, agrees that there is really no perfect security guarantee. But for Google Apps for Business, the security controls are industry specified and the public is free to check on such controls.

By Florence de Borja

Sorry, comments are closed for this post.

Comics
Ending The Great Enterprise Disconnect

Ending The Great Enterprise Disconnect

Five Requirements for Supporting a Connected Workforce It used to be that enterprises dictated how workers spent their day: stuck in a cubicle, tied to an enterprise-mandated computer, an enterprise-mandated desk phone with mysterious buttons, and perhaps an enterprise-mandated mobile phone if they traveled. All that is history. Today, a modern workforce is dictating how…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

The 80-20 Rule For Security Practitioners  Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards.…

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

Choosing IaaS or a Cloud-Enabled Managed Hosting Provider?

There is a Difference – So Stop Comparing We are all familiar with the old saying “That’s like comparing apples to oranges” and though we learned this lesson during our early years we somehow seem to discount this idiom when discussing the Cloud. Specifically, IT buyers often feel justified when comparing the cost of a…

Cyber Criminals Are Business People Too

Cyber Criminals Are Business People Too

Cyber Crime Business You’re on the morning train on the way to work and take a look at the guy next to you. He’s clean-cut, wearing a crisp suit and holding a leather briefcase just like dozens of others. Just another worker headed to the office, right?. Yes, but not in the way you think…

Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in mind when implementing an ERP system. But do you know if cloud-based or on-premise ERP deployment is better for your company or industry? While cloud computing is becoming more and more popular, it is worth…