Security Experts:

Connect with us

Hi, what are you looking for?



Android Enterprise Receives ISO 27001 Stamp

Google this week has revealed that Android Enterprise has received ISO 27001 security certification. 

Google this week has revealed that Android Enterprise has received ISO 27001 security certification. 

Designed to provide features that allow IT teams to keep corporate and personal data secure using flexible tools, Android Enterprise is tailored specifically for businesses. The program ensures that best practices and common requirements are followed, making Android ready for use within organizations.

The recently received ISO 27001 certification, Google says, proves that Android Enterprise information security practices and procedures, which target Android Management API, zero-touch enrollment and managed Google Play, are in line with industry standards for security and privacy.

“Sound privacy, data security, organizational policy and practices are essential to gaining user trust. The ISO 27001 certification and SOC 2 and 3 reports confirm Google’s information security practices so that IT admins, users and other stakeholders have confidence about Android Enterprise security practices,” the company notes

ISO 27001, which is granted by the International Organization for Standardization, describes the requirements for an information security management system, presenting best practices, along with a list of security controls regarding information risk management.

There are more than a dozen standards in the 27000 family, but “ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS),” the International Organization for Standardization says.

Based on American Institute of Certified Public Accountants (AICPA) Trust Services principles and criteria, the SOC 2 and 3 reports include assessments of the security, availability, processing integrity and confidentiality or privacy of an organization’s information systems. 

According to Google, the certification is only received after an independent assessor performs a thorough audit, reviewing the methodology of documentation and procedures for data management.

“Android is invested in a wide range of protections and management tools to help companies secure their data. This external validation, together with our ongoing efforts, is a testament to how Android Enterprise meets the highest privacy and security needs of today’s businesses,” Google concludes. 

Related: Monthly Patches Are Recommended Best Practice for Android, Google Says

Related: Android Q Brings New Privacy and Security Features

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybersecurity Funding

B2B payment security provider NsKnox raised $17 million in a new funding round that brings the total raised by the company to $35.6 million.


Privacy experts have said they fear pregnancies could be surveilled and the data shared with police or sold to vigilantes.


Regularly rebooting smartphones can make even the most sophisticated hackers work harder to maintain access and steal data from a phone


An Italy-based firm's hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan, Google said Thursday, casting a light...


Google has removed roughly 1,700 unique applications from its Google Play app store that were part of a family of potentially unwanted programs. 


Steven Mnuchin’s Liberty Strategic Capital acquires majority stake in Dallas, Texas-based Zimperium 


Microsoft on Tuesday released its November 2017 security updates to resolve 53 vulnerabilities across products, including a security bug that has impacted all versions...