WebProNews

Tag: Compliance

  • Google Drive Boosts Security, Privacy Control For Businesses

    Google Drive Boosts Security, Privacy Control For Businesses

    Google says the number of paying organizations actively using Google Drive crossed a million earlier this year. The company is taking steps to improve security and privacy protection for Drive as well as Google Apps for Work and Google Apps for Education.

    For one, Google Drive is getting enhanced eDiscovery for Google Apps Vault, which gives businesses more visibility and control over employee files. In other words, Drive will fall under the same retention policies and legal hold capabilities available for email and chat. Google says these capabilities will help businesses meet their legal obligations and ensure employee files are archived and available as long as needed, even if employees delete them from their Drive. This is in limited rollout and will be generally available in the coming months.

    Google has also updated the Mobile Device Management (MDM) for Google Drive business customers, enabling businesses to monitor usage, enforce strong passwords, and enable device encryption. If a worker loses their phone or leaves the company, the data can be wiped. Business data can we wiped without wiping their personal data. Earlier this year, Google Drive debuted on comScore’s list of the top 25 mobile apps. In August, it was number 16 on the list.

    Finally, Google is adding the new ISO/IEC 27018:2014 privacy standard to its compliance framework.

    “This audit validates our privacy practices and contractual commitments to our customers, verifying for example that we don’t use your data for advertising, that the data that you entrust with us remains yours and that we provide you with tools to delete and export your data,” explains Google Drive Director of Product Management Scott Johnston.

    In a post on the Google for Work blog, Head of Global Compliance Marc Crandall says:

    We continuously work with independent auditors to verify our data protection commitments. For example, over the years we’ve completed third-party SOC2 / SOC3 security audits and achieved ISO 27001 certification to provide transparency and accountability around our security procedures.

    The 27018 audit also validates that our Google Apps data protection commitments meet a rigorous international privacy and data protection standard. We think that this a great step forward for both our customers and for the industry. While laws and regulations vary from country to country, the principles set forth in the standard are widely recognized.

    Independent auditor Ernst & Young has verified Google’s privacy practices and contractual commitments for Google Apps for Work and Google Apps for Education comply with the new standard.

    Image via Google

  • New IBM Platform Helps Businesses Feel Comfortable about Social Media

    New IBM Platform Helps Businesses Feel Comfortable about Social Media

    While there are many benefits involved with social media, there are also a lot of potential risks, especially for regulated industries. Businesses that want the easy way out choose not become involved in social media, which is often to the disappointment of consumers.

    Rene Schimmer, the Offering Manager for Social Software for IBM Collaboration Solutions, told us that shunning social media might not be a long-term option.

    “Avoiding it is not going to be an option for much longer,” he said. “We [IBM] see these tools as a fundamental instrument to work.”

    Is social media becoming a necessity in business? Let us know your thoughts.

    It is completely understandable that businesses are concerned about the risks, but, as Schimmer said, social media is becoming fundamental in just about everything. People today that are hired are not going to be able to abandon all their social media practices and rely solely on telephones and email.

    IBM is very aware of these potential risks, as well as the benefits, and recently expanded its social software portfolio in an effort to better meet business needs. The platform is called IBM Connections and is an offering for social collaboration within a business.

    The main focus of this platform is to help businesses with compliance concerns. For this reason, IBM partnered with Actiance, to bring logging and archiving to the offering. Together, the companies provide a social networking platform with real-time compliance capabilities.

    For example, if someone comments on a wiki, the action is logged. If that same person goes back 5 minutes later and deletes the comment, that action is also logged. In other words, there is always a trace, which is very beneficial when it comes to auditing.

    Schimmer told us that platforms such as this help businesses feel comfortable about using social media. Every business knows there are risks involved, but having a way to manage those risks is comforting.

    “If we can provide a solution that allows organizations to know that their employees cannot circumvent the system, either by intent or just not knowing how to do it properly, that creates that comfort level, so they are able to roll out social systems and work with them,” he said.