[UPDATED] Is Google lying or misleading over FISMA certification of Google Apps for Government?
When it comes to supplying software solutions to the U.S. governmental agencies they all have to be certified under the Federal Information Security Management Act (FISMA). Most of us wouldn’t have any interest in this but this certification was the center point last year when Google launched a lawsuit against the Department of the Interior after it awarded a large contract to Microsoft.
In the lawsuit Google claimed that it had been unfairly excluded from the bidding process even though its Google Apps for Government had the necessary FISMA certification.
Except as it turns out it didn’t.
At least that is what was revealed recently as some of the court papers from the lawsuit were made public. In fact is that the Department of Justice rejected Google’s claim that their Google Apps for Government had any sort of FISMA certification.
In fact Google made this claim not once but three times in its motion for a preliminary injunction bu in light of the disclosure by the DoJ one has to wonder if Google knowingly mislead the court or outright lied.
On top of this Google continues to state this FISMA certification
Google has repeated this statement in many other places as well. Indeed, for several months and as recently as this morning, Google’s website states, “Google Apps for Government – now with FISMA certification.” And as if that’s not sufficient, Google goes farther on another webpage and states “Google Apps for Government is certified and accredited under the Federal Information Security Management Act (FISMA).”
Of course Google apologists will call into question the fact that it is Microsoft bringing this story to the forefront but the simple fact is that Google is at the very least misrepresenting the facts here regarding their FISMA certification.
Google has yet to respond to this revelation.
UPDATE: My good friend Frederic Lardinios at NewsGrange got a response from Google on the story:
Here is a statement from Google’s David Mihalchik (Strategy and Business Development Lead Google Federal) regarding this issue:
“This case is about the Department of Interior limiting its proposal to one product that isn’t even FISMA certified, so this question is unrelated to our request that DOI allow for a true competition when selecting its technology providers.
Even so, we did not mislead the court or our customers. Google Apps received a FISMA security authorization from the General Services Administration in July 2010. Google Apps for Government is the same system with enhanced security controls that go beyond FISMA requirements. As planned we’re working with GSA to continuously update our documentation with these and other additional enhancements.”
Nice little bit of misdirection if you ask me.