Re-posted from the Google Enterprise Blog.
In the early days of the cloud, security concerns were often at the top of business minds as they considered moving to Google Apps. More recently, though, security has become a major reason businesses are moving to the cloud. The reason for this shift is that businesses are beginning to realize that companies like Google can invest in security at a scale that’s difficult for many businesses to achieve on their own. This investment has produced an infrastructure and a set of services with robust data protections for our customers.
Today we are proud to announce that Google Apps for Business has earned ISO 27001 certification. ISO 27001 is one of the most widely recognized, internationally accepted independent security standards and we have earned it for the systems, technology, processes and data centers serving Google Apps for Business. Our compliance with the ISO standard was certified by Ernst & Young CertifyPoint, an ISO certification body accredited by the Dutch Accreditation Council, a member of the International Accreditation Forum (IAF). Certificates issued by Ernst & Young CertifyPoint are recognized as valid certificates in all countries with an IAF member.
This new certification, along with our existing SSAE 16 / ISAE 3402 audits and FISMA certification for Google Apps for Government, help assure our customers that Google is committed to ongoing development and maintenance of a robust Information Security Management System (ISMS) that an independent, third-party auditor will regularly audit and certify. For more information on the security audits and certifications for Google Apps, please review our certification 1-pager.