On Monday, Google introduced a new version of its Google Apps suite specifically designed for use by federal, state and local government agencies in the U.S. Google Apps for Government provides the same applications that are otherwise available, but with Federal Information Security Management Act (FISMA) certification, as well as other support for governmental regulations. The apps include Gmail, Calendar, Google Docs, Google Sites, and video sharing.
Among government customers, Google Apps is being used by the U.S. Navy to coordinate disaster relief operations and by the Lawrence Berkeley National Laboratory.
Los Angeles, Orlando
Google's list price for government use is $50 per user per year. The Berkeley lab has said it expects to save as much as $2 million annually over the next five years.
Other customers include the cities of Los Angeles, Calif. and Orlando, Fla. The Los Angeles, Calif., project has encountered some snags over performance and security concerns, which caused Google to miss a June 30 implementation deadline. But the company says the project is now on track to save as much as $5.5 million for the city over the next five years.
Matthew Glotzbach, director of product management for Google's enterprise products, has told news media that it would have been easier for the company to first tackle smaller municipalities, but Los Angeles was ready to go.
Google said Google Apps for Government is the first multi-tenant cloud-based application suite to receive government certification, with an authority to operate at the FISMA-Moderate level.
This certification of Google's security controls, the company said, can benefit all of its customers, including those in the private sector, and it is making its FISMA documentation available for review by interested agencies so a comparison to existing security controls can be made.
The company said an independent auditor has assessed the level of operational risk as low, for which it received an unqualified SAS70 Type II certification. This independent certification verified that the company had controls and protocols in place for logical security, privacy, data-center physical security, incident management and availability, and change management.
'Safe and Reliable'
Google said its security and reliability measures include best-in-class disaster recovery, no scheduled downtime and 99.9 percent uptime in the service-level agreement, rapid updates and configuration changes across the entire network as needed, and a full-time information security team.
Among other things, Google Apps for Government utilizes segregated systems for federal government customers, and all government data is stored in the U.S. only. This same "community cloud" is also available to other government entities.
In case some government officials are wary of posting data to a Google cloud, Google noted that it does not claim any ownership for stored data, and that, even when data is running on the same server, it is "virtually protected as if it were on its own server." It compared the security to shared infrastructures in online banking.
Laura DiDio, an analyst with Information Technology Intelligence Corp., said the implicit message of Google's government certification and contracts is that "it's safe and reliable." She noted that this could provide a kind of verification for businesses who are considering using Google's cloud services.
Posted: 2010-07-28 @ 9:49pm PT
I think you need to get your story staight. Los Angeles gave Google the boot last week in favor for another provider.