Those of you interested in cloud computing would have noticed that Google Apps has earned ISO27001 certification for information security, which is a counterpoint to concerns about the secure nature of web services. Admittedly there are some who could point to flaws in the ISO27001 standard from an information security standpoint – but it is an independent standard and so is as handy a benchmark as any.
However, there is some aspects of this news that need to be reflected on. The certification only covers the paid-for business offering, not the consumer accounts that you may use to share editorial calenders with clients or your average email account that gets hacked by state actors. This limited certification of services in itself is a tacit admission of the insecurity of Google consumer products which are used by many knowledge workers – your author included.
Archived from the blog that I used to write for PR Week