The Impact Of Google’s ISO 27001 On Business

The Impact Of Google’s ISO 27001 On Business

Google has recently acquired an ISO 27001 security certification. This certification is provided by an independent body to companies that pass various security requirements. For a company to obtain the ISO 27001 certification, it must agree to be examined by an internationally recognized, independent body for information security risks. The body will check the company for threats, impacts, or vulnerabilities. Aside from examining information security risks, the body will also examine the company for information security controls. Such controls must be in place, together with fully functioning risk management measures. The methods are used to fight off any unacceptable risks. Another area which the certifying body will examine is the company’s management system. It will have to be assured that a system is in place in order to meet any information security requirements in the future.

Ernst & Young CertifyPoint audited Google for the purposes of ISO 27001 certification. An informal review was conducted in order to assess security risks and controls aside from the full in-depth audit. After the audit, various follow-up reviews were also made to assure that Google is implementing information security practices. On May 28 this year, Google Apps for Business was ISO 27001 certified. With the certification, businesses can now put their security concerns on Google Apps to rest, because it proves that Google has placed top priority on resolving information security issues.

With SSAE 16/ISAE 3402 audits as well as the FISMA certification for Google Apps for Government, Google can now brush off critics, for it is able to assure the public that it is highly committed to maintaining a high standard of security as well as its continuous evolution of security practices. Google is continuously undergoing other third-party audits to further stress this commitment.

Because Google is now certified, a business owner is now assured that their business data is safe and secure with Google Apps. Google has a commitment to keeping a customer’s data intact and safe from outside threats. Businesses can now trust Google to protect their data. The audit lasted for six months and the certification covers its technology, datacenters, processes, and systems used for cloud computing service applications. With the certification, Google is optimistic that it can draw large financial institutions as well as the public sector into using its services such as Gmail, Docs, and others.

Google took pains in obtaining ISO 27001 and SSAE 16/ISAE 3402 for its Google Apps in order to prove that their applications have the necessary security controls. While other providers obtain certification for their infrastructure and datacenters, Google took another step forward and had its personnel, code processes, and software certified. Although the certification is issued for Google Apps for Business only, Google claims that users of the standard free edition of the cloud suite and Gmail are also benefitted, because the core technology layer overlaps. However, Adam Swidler, Google Apps for Business senior manager, agrees that there is really no perfect security guarantee. But for Google Apps for Business, the security controls are industry specified and the public is free to check on such controls.

By Florence de Borja

Sorry, comments are closed for this post.

The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a security gap. You’re out of your mind if you think making people jump through hoops like Citrix and VPNs to get at content is secure. You’re out of your mind if you think putting your…

7 Common Cloud Security Missteps

7 Common Cloud Security Missteps

Cloud Security Missteps Cloud computing remains shrouded in mystery for the average American. The most common sentiment is, “It’s not secure.” Few realize how many cloud applications they access every day: Facebook, Gmail, Uber, Evernote, Venmo, and the list goes on and on… People flock to cloud services for convenient solutions to everyday tasks. They…

How The CFAA Ruling Affects Individuals And Password-Sharing

How The CFAA Ruling Affects Individuals And Password-Sharing

Individuals and Password-Sharing With the 1980s came the explosion of computing. In 1980, the Commodore ushered in the advent of home computing. Time magazine declared 1982 was “The Year of the Computer.” By 1983, there were an estimated 10 million personal computers in the United States alone. As soon as computers became popular, the federal government…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing the risks. However, the risks are real and account for billions of dollars in losses across the globe per year. If you’ve been hacked, you’re not alone. Here are some other companies in the past…