Google Apps for Business has received ISO 27001 certification following an audit by Ernst & Young CertifyPoint, the company has announced in an official blog post.
The certification is a standard originally created by the International Organization for Standardization and the International Electrotechnical Commission, and refers to an organisation's information security management controls.
Certifications are awarded following a rigorous, three-stage process featuring a number of reviews and audits that follow an information security management system's (ISMS) evolution. A third party auditor will continue to follow and review the "maintenance and development" of Google Apps' ISMS.
Google points to its emphasis on security as an incentive for businesses looking to migrate to the crowd. "Companies like Google can invest in security at a scale that's difficult for many businesses to achieve on their own. This investment has produced an infrastructure and a set of services with robust data protections for our customers", wrote Google Enterprise's director of security Eran Feigenbaum.
Google Apps previously earned SSAE 16, ISAE 3402 and SAS 70 from UK-based auditors Grant Thornton.