Google Cloud meets the German Federal Office for Information Security requirements – BSI C5

Matthias Rauer

Relocating business processes and software to the cloud has many advantages: more flexibility, overcoming limitations on physical space, reducing local infrastructure needs, lower costs, and more efficient collaboration across multiple locations. Large corporations are increasingly often opting for cloud solutions for good reasons.

But data security is still a frequently discussed topic in cloud services, and rightly so: How is our organization's information protected - both by our cloud provider and "during transmission"? What happens to our data when it's with the cloud provider? What precautions are taken prevent data loss or misuse?

Customers can rest assured that their trust in Google's enterprise software is not misplaced: Google Cloud has successfully completed the BSI C5 audit.

An objective assessment of cloud services' data security

The BSI C5 - the Compliance Controls Catalogue covering cloud providers and services, as set by the Federal Office for Information Security in Germany (BSI) - was developed in 2016 to assess the data security of cloud services, and follows strict internationally established standards such as ISO/IEC 27001 and the Cloud Controls Matrix under the Security, Trust & Assurance Registry Program (STAR), the three-tiered cloud provider assurance program managed by the Cloud Security Alliance.

Google Cloud has now passed an independent third-party audit based on BSI C5, covering data management and security in 17 different areas. Stringent requirements for physical security measures, identity and authorization management, encryption and key management, communications, security incident management and more, must be met both technically and procedurally. Read more about the requirements of the BSI C5 and see how they map to the ISO/IEC standards

Trustworthy and accurate risk assessments

Trust is a critical factor when deciding to go with any software solution in businesses, especially cloud solutions. By complying with the comprehensive and strict criteria of the BSI C5, Google has demonstrated their commitment to ensuring data security at all levels of their cloud platform. Companies can confidently use the third-party compliance assessments to make their own informed risk assessment of the cloud solutions they are evaluating. See the full list of national and international standards that Google Cloud and G Suite comply with and the certifications they have achieved.

Are you interested in learning more about using Google software in your company? We are an official Google Cloud Partner and would gladly support you as you explore cloud solutions, license Google Cloud software and implement it within your company. We can even help you with custom plugin development. Get in contact with us - we'd love to help you collaborate effectively and securely in Google Cloud!

Lesen Sie diese Seite auf Deutsch

Further information

Why large companies and organizations are choosing Google G Suite
Google joins the EU-U.S. Privacy Shield
Social intranet – Bring cloud services like Google G Suite, Salesforce, SAP, and others together

Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud Forget Less and Ensure Quality with didit Checklists for Atlassian Cloud
ATTENTION!
Our blog articles reflect the situation at the time of writing and are not updated. It is therefore possible that the contents are outdated and no longer correspond to the latest developments. We do not accept any liability for this.

Leave a Reply