Users of cloud-based Google Apps and Google App Engine can sleep a little more soundly at night knowing that their data is safe and secure with Google. Google (news, site) announced that they have completed SSAE-16 Type II and ISAE 3402 Type II security audits.
Third Party Security Audits
You may be familiar with the SAS 70 Type II, more commonly referred to as SAS 70, security audit if you work in a corporate technology department and are responsible for evaluating external service providers. SAS 70 is a set of auditing guidelines for service organizations that evaluate if adequate operational controls are in place and are sufficient. The standard is one of the most common and recognizable indicators that a service provider is doing the things necessary to protect customer data. In June of this year, the standard was replaced by SSAE-16 and its more well-traveled international counterpart, ISAE 3402.
Given that the standard has only recently been introduced, few cloud providers have had an opportunity to complete the newer audit process. However, Google has managed to jump out in front of the competition and achieve certification for Google Apps, Postini, Google App Engine, Google Apps Script and Google Storage for Developers.
Security at Google
Cloud service providers are constantly looking for ways to attract and retain customers in the lucrative enterprise market, and security is a big factor. In fact, just last week, Amazon Web Services announced its own enhancements targeted squarely at the enterprise market. Now that Google has announced it has completed the audit process for SSAE 16 and ISAE 3402, we can expect other major service providers to follow their example quickly.
Google’s most recent announcement isn’t the only measure that the company has taken to assure its current and prospective customers that their data will be secure the in the hands of Google. Many of Google’s security marketing efforts seem to be focused on its software as a service product Google Apps, which has stiff competition from Microsoft. Google has even published a white paper highlighting the services security features and has a page dedicated to the topic.
We will be watching to see if Google’s efforts pay off in terms of customer growth.