Official Google Enterprise Blog: Security First: Google Apps and Google App Engine receive SSAE-16 certificationPosted by Eran Feigenbaum, Director of Security, Google Enterprise
One of the ways our customers can be are assured their data is protected is through third-party audits and certifications. Since 2008, Google Apps has successfully undergone annual SAS 70 Type II audits. This year the SAS70 Type II audit has evolved into the SSAE 16 Type II attestation and its international counterpart, ISAE 3402 Type II. We’re happy to announce that Google is one of the first major cloud providers to be certified for compliance to these new standards.
Over the past few weeks, Google has successfully completed the audit process for the SSAE 16 and ISAE 3402 standards for Google Apps and Postini services. In addition, we expanded the audits to include Google App Engine, Google Apps Script, and Google Storage for Developers. Together with the SAS 70 Type II (covering dates prior to June 15th, 2011), these third party audits provide additional assurance to customers that their data is well protected.
Third party audits are only part of the security and compliance benefits of Google Apps and Google App Engine products. We protect our Apps customers’ data by employing some of the foremost security experts, by executing rigorous safety processes, and by implementing cutting-edge technology. These protections are highlighted in our security white paper and data center video tour. For more information visit our Google Apps Trust page.
We take extensive measures to protect our users’ data and we are constantly innovating to develop new features and capabilities in these areas.