The old guard is being replaced, and with that comes new ideas, requirements, and a fresh approach to compliance.
UK - (PRWEB UK) 25 September 2012
London: Findings from a survey conducted by Google and IT Business Edge conclude that one of the biggest issues preventing movement to the cloud is security. This result coincides with the results of a survey of more than 150 chief information officers (CIO)s conducted by storage services specialist Mezeo Software.
Google continues to plough millions of dollars into security to keep users safe online. For its Apps and Cloud Platform customers, Google provide transparency and visibility to those protections through its Google Apps Security Whitepaper and data center video tour.
Google are committed to conducting independent 3rd party assessments of its security and data protection practices. Building on the SSAE 16 audit they completed last year and the ISO 27001 certification for Google Apps that they also received in May, Google are now compliant with the new SSAE 16 / ISAE 3402 SOC 2 Type II audit that covers the following products:
Google Apps Vault
Google Apps Script
Google App Engine
Google Cloud Storage
SSAE 16 is an enhancement to the current standard for Reporting on Controls at a Service Organization, the SAS70. The changes made to the standard will bring companies up to date with new international service organization reporting standards, the ISAE 3402. The adjustments made from SAS 70 to SSAE 16 help organisations compete on an international level.
The SAS70 upgrade to SSAE 16 is a natural modifying evolution of the dated standard and a transition of power from one governing accounting principle authority to another. The old guard is being replaced, and with that comes new ideas, requirements, and a fresh approach to compliance reporting on controls at service organizations and the responsibilities of the service organization being audited.
What does this mean for users?
- Logical security: Controls provide reasonable assurance that logical access to Google Apps production systems and data is restricted to authorized individuals
- Privacy: Controls provide reasonable assurance that Google has implemented policies and procedures addressing the privacy of customer data related to Google Apps
- Data center physical security: Controls provide reasonable assurance that data centers that house Google Apps data and corporate offices are protected
- Incident management and availability: Controls provide reasonable assurance that Google Apps systems are redundant and incidents are properly reported, responded to, and recorded
- Change management: Controls provide reasonable assurance that development of and changes to Google Apps undergo testing and independent code review prior to release into production
- Organisation and administration: Controls provide reasonable assurance that management provides the infrastructure and mechanisms to track and communicate initiatives within the company that impact Google Apps.
For more information on Google Apps security visit their FAQ centre here:
AppsCare, powered by Netpremacy Global Services is a world leader in cloud services provisions, supporting over 2500 customers in 33 countries. Their fortnightly newsletter provides latest industry news, tips and ‘how to’ features and useful information about Cloud computing.
To receive a free copy of the HBR: What every exec needs to now about the cloud, subscribe to the mailing list here.
Follow @AppsCare | Follow @Netpremacy