Skip to content

This Week in Google Apps: Security and Compliance

BetterCloud Monitor

June 8, 2012

2 minute read

blog post image 07

Over the past two weeks, Google has made two significant announcements in regards to the security and compliance of Google Apps, a hot button issue for large enterprises hoping to migrate to the cloud. As cloud-computing solutions become more sophisticated, security is actually becoming an incentive to migrate, rather than a deterrence.  In the recent months and years, Google has invested significantly in security, achieving more in-depth oversight and at a larger scale than a typical organization could ever hope to achieve independently.

Last week, Google announced that Apps for Business had received the coveted ISO 27001 Certification, an internationally accepted designation applied to Google’s systems, technology, processes and data centers. The standard was certified by Ernst & Young CertifyPoint and bolsters Google’s existing certifications, SSAE 16 / ISAE 3402 and FISMA for Google Apps for Government.

The ISO 27001 Certification is yet another testament to Google’s ongoing commitment to Google Apps security and we expect to see even more enterprises migrating to Google Apps following the announcement.

In addition to the ISO 27001, Google announced this week that additional means of meeting the security requirements of the European Commission’s Data Protection Directive will be made available to companies operating on Google Apps in the EU. The Directive, a crucial piece of privacy legislation passed in 1995, restricts the movement of data from European Union countries to non-member nations.

With this added flexibility, Google will likely gain greater popularity throughout the EU and broaden its already extensive reach – currently Google serves upwards of 4 million users worldwide.

In addition to Google’s own efforts to bolster the security of Google Apps, third-party applications are often used in conjunction with native security features. Organizations using Apps should look to install a product that provides Google Apps admins with insight into Google Docs sharing, both internally and externally, and allows admins to create sharing policies depending on organizational role.