On the morning of 27th July 2010, Google announced a new version of its Google Apps that is certified by the US government at a press event organized at its headquarters. The Google app have qualified for the FISMA-Moderate rating. That makes it suitable for use with data that’s sensitive but unclassified and it comes when the apps have been found to meet all security criteria of the US government. The certification was given to Google on July 22nd.
Google announced this news on its official blog as the Google app has become “the first suite of cloud computing applications to receive Federal Information Security Management Act (FISMA) certification and accreditation from the U.S. government.”
The version suitable for the government work is an upgraded version of Google Apps Premier Edition and it comes with all the core apps provided by the company. Gmail, Google Calendar, Google Docs, Google Sites and Video are the apps Google currently offers for government use and charges US$50 per user per year for the same.
Google went on to elaborate the benefits and usefulness of cloud computing. Google enumerated that the companies pay only for what they use without worrying about maintaining servers besides getting new features automatically, and can access services from any device. The service also comes with best security features.
The new certification for the Google apps will bring it into use for the small and medium businesses and with the government seal of approval Google’s other cloud-based solutions will also benefit.
FISMA is basically, Federal Information Security Management Act of 2002, as per the act the federal agency develops and documents as well as undertakes the implementation of an programs that will eventually provide security for the data and the information systems that support its operations and assets. Such systems also include the ones that are provided or managed by another agency, contractor or other source; and here is where Google steps in.
It is mandatory in the act that the agency’s program officials, chief information officers, and inspectors general will review agencies’ information security annually and report the results to the Office of Management and Budget.
The certification did not come easy. For this Google had to make changes in its security controls. The data secured in the site will now be stored in the servers in US only and only the US citizens who have the required authority and with due permission can access that data.
Microsoft is pursuing similar certification for its Web-based Exchange messaging services. This will again bring the two technology giants against each other yet again once Microsoft clears the hurdle.
However, it is important to add that the FISMA certification does not include classified information and before embracing any such services proper analysis of the security controls in place and whether or not they are sufficient to comply with any applicable requirements need to be done.