Since 2008, Google Apps has successfully undergone annual SAS 70 Type II audits. This year the SAS70 Type II audit has evolved into the SSAE 16 Type II attestation and its international counterpart, ISAE 3402 Type II. Goole has now become the first major cloud providers to be certified for compliance to these new standards," Eran Feigenbaum, Director of Security, Google Enterprise.
Feigenbaum wrote that "Over the past few weeks, Google has successfully completed the audit process for the SSAE 16 and ISAE 3402 standards for Google Apps and Postini services. In addition, we expanded the audits to include Google App Engine, Google Apps Script, and Google Storage for Developers.
Together with the SAS 70 Type II (covering dates prior to June 15th, 2011), these third party audits provide additional assurance to customers that their data is well protected."
"Third party audits are only part of the security and compliance benefits of Google Apps and Google App Engine products."
"We protect our Apps customers' data by employing some of the foremost security experts, by executing rigorous safety processes, and by implementing cutting-edge technology," Feigenbaun added.
These protections are highlighted in the security white paper and data center video tour embedded below:
For more information visit Google Apps Trust page.
[Source: Enterprise blog]