Yesterday, Google announced that their technology, systems, and processes used at their data centers for servicing Google+Enterprise+Blog%29″> Apps for Business products have been granted the ISO 27001 certification. This certification, verified by the International Accreditation Forum, brings Google worldwide recognition for their efforts protecting and managing data.
Eran Feigenbaum, Director of Security for Google Enterprise commented about the certification on Google’s Blog:
“Today we are proud to announce that Google Apps for Business has earned ISO 27001 certification. ISO 27001 is one of the most widely recognized, internationally accepted independent security standards and we have earned it for the systems, technology, processes and data centers serving Google Apps for Business. Our compliance with the ISO standard was certified by Ernst & Young CertifyPoint, an ISO certification body accredited by the Dutch Accreditation Council, a member of the International Accreditation Forum (IAF). Certificates issued by Ernst & Young CertifyPoint are recognized as valid certificates in all countries with an IAF member.”
Chet Loveland, CISO and Global Compliance Officer with MWV also comments on Google’s certification with ISO:
“As a multi-billion dollar, global provider of packaging and packaging solutions, MWV understands the value of international standards. Many of our own processes are ISO certified. So, I am thrilled that Google Apps, our core communications platform, is also now ISO certified with its recent ISO 27001 certification. This certification validates what I already knew, through due diligence, about Google Apps – that the technology, process and infrastructure offers good security and protection for the data that I store in Google Apps. I think it’s important, find it assuring and am very pleased that Google Apps will be audited and certified to this Information Security Management System ISO standard on an ongoing basis”
Google already holds SSAE 16/ ISAE 3401 certifications for the work they do with the government’s data, and the ISO 27001 is a perfect complement that reassures all clients their systems and procedures will be verified and regulated by third party auditors on a regular basis to ensure a high degree of conformance is maintained.