On May 28, Google announced that Google Apps for Business earned ISO 27001 certification, one of the most internationally accepted independent security standards.
ISO 27001 certification is an Information Security Management System (ISMS) standard. The certification requirements for ISO 27001 are that the organization’s information security risks are systematically examined, factoring in vulnerabilities, threats, and impacts; that the organization creates and enacts a functioning suite of information security controls in addition to any other risk treatment methods in response to risks found unacceptable; and that the organization implement a comprehensive management process that guarantees the information security controls continue to meet the organization’s information security needs going forward.
Receiving the ISO 27001 certification is a rigorous three-step process that involves an informal review, a formal, more in-depth compliance audit, and follow-up audits to ensure the organization’s compliance is ongoing.
Ernst & Young CertifyPoint, an ISO certification body, issued the ISO 27001 certification for the data centers, processes, systems, and technology serving Google Apps for Business.
This increased security certification should ease any remaining concerns businesses may have about undergoing a Google Apps migration to move to the cloud. Although security was a major concern for businesses when the cloud first became popular, this has become less of an issue over time.
Six years after Google first launched its cloud computing platform, an increasing number of businesses are migrating to the cloud – and now, more than ever, security is one of the main reasons why. Despite their initial trepidation, businesses are now aware of the fact that Google can make security investments that are much larger than most businesses can make individually.
While Google Apps for Business has always been a secure cloud platform, this new certification only strengthens the security for data and should thus help to ease any remaining security concerns.
According to Eran Feigenbaum, the Director of Security for Google Enterprise, the new ISO 27001 certification for Google Apps for Business, in conjunction with the current FISMA certification and SSAE 16 / ISAE 3402 audits for Google Apps for Government, apps customers can be assured that Google has an ongoing commitment to maintaining and further developing a robust Information Security Management System (ISMS). Feigenbaum continues that such an ISMS will be open to regular auditing and certifying by independent, third-party auditors.
While Google has already attracted some big businesses to its cloud network, this new verification should only increase the confidence CEO’s have in Google, allowing more big-name companies to move to the Google cloud.
Cloud Sherpas is a leading cloud service provider and was named the “Google Enterprise 2011 Partner of the Year.” As one of the first Google Enterprise partners, Cloud Sherpas has migrated over one million users across a variety of industries from legacy, on-premise messaging systems to Google Apps, helping organizations adopt cloud computing to innovate and dramatically reduce their IT expenses. A Google Apps Reseller in Atlanta, GA, Cloud Sherpas has regional offices in locations including San Francisco, New York, Chicago, Austin and Sydney, and has more Google Apps Certified Deployment Specialists than any other partner in the world.