Cloud computing is an area in which you have to trust the cloud platform, infrastructure host, and app developer. So the certification means that the platform is probably okay, but that doesn't make apps based on it any less susceptible to attacks. You're still left to the uncertified whim of the app developers, and whatever they do with the data once it leaves the app engine from the other end. In other words, you can't say anything conclusive about the security of anything based on google apps as a result.
Further, a ISO certification is a purely technical certification. Cloud security has as much to do with policy as it does with technicalities. ISO won't protect you from government, or judicial, inquiries.
That makes for a rather useless certification, don't you say?
Google Apps receives ISO 27001 certification
In the early days of the cloud, security concerns were often at the top of business minds as they considered moving to Google Apps. More recently, though, security has become a major reason businesses…