Google Lacks FISMA Accreditation For “Google Apps For Government”
Google has said that its suite of government office products have been certified under a law that mandates strict information security rules for federal agencies. The Justice Department, however, says otherwise. Google Apps for Government is Google’s solution for government-focused email and office product that is certified under the Federal Information Security Management Act, known as FISMA. The requirements for FISMA are enforced to safeguard digital information used by federal agencies.
Google has been trying to gain edge over its competitor, Microsoft, with a “extra-secure” government version of Google Apps and claims that its suite is accredited under FISMA. There is a small problem with Google’s claim however, and the problem arises from recent documents that were unsealed last week as part of an ongoing lawsuit Google had filed in October against the Department of the Interior. The Justice Department lawyers wrote that “notwithstanding Google’s representations to the public at large, its counsel, the [Government Accountability Office], and this Court, it appears that Google’s Google Apps for Government does not have FISMA certification.”
The briefing goes on to describe a December e-mail that was exchanged with a security officer at the US General Services Administration, telling another official that “google for government does not have a [certification and accreditation]” but that the company was seeking one. Google countered saying that the consumer and business version of its software did receive a FISMA certification in July of 2010. Google also stated that since Google Apps for Government is the same system as the consumer version but with enhanced security, that it should have also been covered when the original certification was filed. I am interested to see what will happen with this court case.
Photo Courtesy of _mattxb
Photo Courtesy of FadderUri
Photo Courtesy of Danny Sullivan