Google Apps for Government Not Yet FISMA Certified: GSA

Google Apps for Government is not technically FISMA-certified, according to the General Services Administration that certified Google Apps Premier Edition. Google claims they are the same product.

The confusion about whether or not Google Apps for Government is really certified with Federal Information Security Management Act (FISMA) certification boiled over when a General Services Administration staff member said the product was not FISMA-certified.

Google Apps for Government is not FISMA certified as of this writing, but Google Apps Premier edition, now known as Google Apps for Business, has been FISMA certified since July 2010.

Google, which argues that Google Apps for Government is the same product as Google Apps for Business, contends the argument that that the product does not require a separate certification.

Rather, Google believes it only needs recertification to reflect the fact that Google Apps for Government includes data location and government data segregation on separate servers from regular Google Apps users.

The GSA appears to be leaning toward agreeing with Google on this score, and told eWEEK it is working with Google to update the original FISMA documentation for Google Apps to incorporate Google Apps for Government.

While Google views the certification of Google Apps for Government is a foregone conclusion, anything can happen over the course of a recertification.

There are no guarantees in government contracts, as we learned when Microsoft's bid to provide its own Business Productivity Online Suite for the Department of Interior's 88,000 employees was halted by an injunction requested by Google. The search engine argued the DOI didn't lawfully consider Google Apps in the spirit of open competition.

It's come as no small irony then that Microsoft ignited the Google Apps hullaballoo April 11 when it cited statements in a court filing that it claims proves Google has been lying to the Justice Department about achieving FISMA for Google Apps for Government.

Google denied the allegation and claimed that Microsoft is trying to create a smokescreen for the fact that it doesn't have the Federal Information Security Management Act (FISMA) certification for its own rival BPOS software.

With claims of Google behaving in an anticompetitive manner flying about on Capitol Hill, the matter caught the eye of U.S. Senator Tom Carper (D-Del.), who convened April 12m as detailed by Business Insider.

GSA spokesman David McClure told Carper that while the GSA certified Google Apps Premier Edition with FISMA because it met the necessary security provisions required by government IT protocols, the GSA was working with Google to get Google Apps for Government the FISMA credit.

"It's a subset of Google Apps Premier, and as soon as we found out about that, as with all the other agencies, we have what you would normally do when a product changes, you have to re-certify it. So that's what we're doing right now, we're actually going through a re-certification based on those changes that Google has announced with the "Apps for Government" product offering.