Google this week has revealed that Android Enterprise has received ISO 27001 security certification.
Designed to provide features that allow IT teams to keep corporate and personal data secure using flexible tools, Android Enterprise is tailored specifically for businesses. The program ensures that best practices and common requirements are followed, making Android ready for use within organizations.
The recently received ISO 27001 certification, Google says, proves that Android Enterprise information security practices and procedures, which target Android Management API, zero-touch enrollment and managed Google Play, are in line with industry standards for security and privacy.
“Sound privacy, data security, organizational policy and practices are essential to gaining user trust. The ISO 27001 certification and SOC 2 and 3 reports confirm Google’s information security practices so that IT admins, users and other stakeholders have confidence about Android Enterprise security practices,” the company notes.
ISO 27001, which is granted by the International Organization for Standardization, describes the requirements for an information security management system, presenting best practices, along with a list of security controls regarding information risk management.
There are more than a dozen standards in the 27000 family, but “ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS),” the International Organization for Standardization says.
Based on American Institute of Certified Public Accountants (AICPA) Trust Services principles and criteria, the SOC 2 and 3 reports include assessments of the security, availability, processing integrity and confidentiality or privacy of an organization’s information systems.
According to Google, the certification is only received after an independent assessor performs a thorough audit, reviewing the methodology of documentation and procedures for data management.
“Android is invested in a wide range of protections and management tools to help companies secure their data. This external validation, together with our ongoing efforts, is a testament to how Android Enterprise meets the highest privacy and security needs of today’s businesses,” Google concludes.