Security - Baseline
Home arrow Security arrow Page 2 - Are Googles Security Practices Up to Snuff?















Renew Your Subscription

Security



Are Googles Security Practices Up to Snuff?



By Ericka Chickowski
2008-05-23
Article Views: 18563
Article Rating:starstarstarstarstar / 7

  Table of Contents:
  1. Are Googles Security Practices Up to Snuff?
  2. Google Security: Fundamental Control Issue
  3. Google Security: Google Fights Back
  4. Google Security: Wait and See

Although Google has made some key security acquisitions and added talented security pros to its team, many IT and security managers still won’t trust their enterprise applications to the company’s cloud offerings.

Rate This Article:
Poor Best
Add This Article To:

Are Googles Security Practices Up to Snuff? - Google Security: Fundamental Control Issue


( Page 2 of 4 )


Nevertheless, many security and IT managers say there is a fundamental control problem that makes the migration of data to the cloud a risk they are not willing to assume.

“It gets back to a lack of control,” says Randall Gamby, a security analyst for Burton Group, a research and advisory firm based in Midvale, Utah. “Businesses are hoping Google will pick the right tools to secure the infrastructure, but they have no assurances and no say in what it will pick. Plus, many of these organizations have to ensure regulatory compliance, and a lack of control makes them wonder whether Google can support their compliance needs.”

According to Craig Balding, author of the CloudSecurity.org blog and a security practitioner at a Fortune 500 bank, enterprises need to figure out how to balance productivity with security when it comes to trusting in cloud solutions, including those offered by Google. He says part of that balancing act may involve learning how to classify data and educating users on which data and functions are—or are not—appropriate to put on Google Apps.

“I think the issue will be what kind of data is being put in the cloud,” Balding says. “If you are a bank and have transaction information up there, that’s a problem. But if the data is for a marketing Web site, that might be a different story.”

Balding suggests that enterprises might put their toes in the water with less risky segments of their data to establish trust in Google before using its software for more substantial products. On the other hand, some organizations may not be comfortable using any of the offerings until they get a better view of Google’s security practices.

Cole of Varolii believes education is critical in these cases because users may be adamant about the usefulness of Google’s offerings and may try to sneak them under the radar if they don’t understand the risks. He believes users are more likely to comply if the business reasons for such a ban are explained to them.

“User education is very important,” Cole says. “If you just come out with an edict of ‘Thou shall not,’ you will have problems because people like their tools and feel they need them to do their jobs. Employees have to be made aware of the risk assessment. You’ll get more compliance when they see you are trying to work with them.”




 
 
>>> More Security Articles          >>> More By Ericka Chickowski
 



Sponsored Links
  • Get up and running in as quickly as 30 days with BI. Learn how today.

  • FREE Securing Smartphones & Tablets for Dummies Book from Sophos
  • 5 New Technologies That Will Change Enterprise ITAdvertisement
  • Build an IT Infrastructure That Delivers the Future
     
    		•
     
    FEATURED SPONSORED ARTICLES
    FEATURED SPONSORED VIDEOS

     

    Related Content

    Articles Labs/How-To Multimedia


    LATEST STORIES
    - Five Ways to Put Mobile Technology to Work
    - Ten iPhone Apps that Will Save You Money
    - Mobility Transforms the Customer Relationshi...
    - BPM Keeps Pace With Business Changes
    - Speech Recognition Speaks To Businesses


     

     

    Advertisement
    rss graphic
           Baseline Newsletters

    Baseline:  

    Issue Index | Contact Us | About | Magazine Customer Service | Navigation Guide

    Quick Links:  

    Project Planners | Enterprise Resource Planning | Network and Online Security | Data Analysis | Process Management | Storage Devices| Link to Us

    Ziff Davis Enterprise Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters
    Tech RSS Feeds | White Papers | Tech Podcasts | Tech Video | VARs | System Builder

    Baseline | Careers | Channel Insider | CIO Insight | DesktopLinux | DeviceForge | DevSource | eSeminars |
    eWEEK | Enterprise Network Security | LinuxDevices | Linux Watch | Microsoft Watch | Mid-market | Networking | PDF Zone |
    Publish | Security IT Hub | Strategic Partner | TechDirect | Technology White Papers | Windows for Devices

    Developer Shed | Dev Shed | ASP Free | Dev Articles | Dev Hardware | SEO Chat | Tutorialized | Scripts |
    Code Walkers | Web Hosters | Dev Mechanic | Dev Archives | igrep

    Use of this site is governed by our Terms of Use and Privacy Policy

    Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.