Newsletters Welcome, Guest Log In | Register
Blogs:

Mike Vizard

IT Unmasked

Revealing the Business Value of Innovation

About this Blogger RSS

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

1

Securing Google Applications

Posted by Michael Vizard Sep 23, 2009 11:55:11 AM

This may come as a shock to some IT people, but end users are sharing sensitive corporate information over public cloud services such as Google Docs. A recent survey conducted by International Data Corp. (IDC) found that about 20 percent of the end users surveyed reported that Google Docs was widely used within their organization.


The reason people do this is because the alternatives for setting up ad hoc collaboration across multiple workers is painful. It usually involves calling an IT person, setting up permissions and filling out all the licensing paperwork to pay for it. All the end user really wants to do is share a document with a few co-workers, so even though they know there are potential risks, they do it anyway.

 

But, there are obvious security issues with any cloud application, as evidenced by news that some students were able to see each others' Gmail inboxes.


The good news is that Google is starting to get a little more serious about security. For the premier edition of Google Apps, the company now supports multi-factor authentication schemes from TriCipher and Verisign. These systems make it easier for Google to challenge users trying to access documents from unknown machines, thereby adding another layer of security beyond just the basic password most people use today.


None of this provides a foolproof approach to Google security. But given the tendency of end users to rely on the same passwords across multiple Software-as-a-Service (SaaS) applications, it would definitely be worth an ounce of prevention to add another layer of security. After all, if a user’s password is compromised anywhere on the Web, chances are good that will come back to haunt you sooner than you think.

More from our Network

How Google App Engine Datastore Works  CTO Edge

Google and Unified Communications  Unified Communications Edge

Google Phone Ups the Ante  CTO Edge

Google Gives Operating System to Open Source Masses  CTO Edge

Ltech Integrates Google Apps with the Enterprise  CTO Edge

Add a comment Leave a comment on this blog post.
Oct 19, 2009 7:48 PM Guest tstewart  says:

GoogleApps is too cool to slap on re-hashed legacy authentication soltuions.    SecureAuth is able to perform two-factor authentication that is more flexible and stronger than Verisign (and all the "cloud" start-ups like MyOneLogin trying to compete).  However, SecureAuth does not replicate your enterprise datastore.  Don't outsource your identitites!  In addition, SecureAuth is the only solution I know of that can authenticate cloud apps as well as on-premise enterprise apps AND VPNs in one solution.   SecureAuth large enterprise customers are using it as a migration path to secure cloud computing.   Do check it out.
Reply

Related Content

Browse

Topic: Google

Out to "organize the world," Google, which started as a search engine, is well on its way

Blog: Google's Privacy Principles Still in Question?

Article: BriefingsDirect Analysts Discuss Ramifications of Google-China Dust-Up over Corporate Cyber Attacks

News: Google to Add Social Networking Features to Gmail

Related Topics

Authentication Systems, Passwords, Productivity Software, SaaS

Featured White Papers

Browse

Preventing Data Corruption in the Event of an Extended Power Outage

This white paper discusses various power management software configurations, and presents best practices aimed at ensuring system uptime.

IT Operations 2009: An Automation Odyssey

Read this white paper to learn why all IT shops need to consider their plans for automation, including the many derivative outcomes for process refinement, staffing, tools, and the organization itself.

Resource Centers

Browse

Tape Storage

Disaster recovery and business continuation that includes encryption, all at a manageable TCO.

Featured Whitepapers

Tape Fallacies Exposed — The Future of Tape Is Still Bright

Virtual Workforce

The virtual, remote, and mobile technologies that allow your company's workforce to work anywhere and at any time.

Featured Whitepapers

Virtual Workforce: The Key to Expanding the Business While Cutting Costs

Data Center Management

Indispensable technologies and best practices to maintain your organization's most valuable asset.

Featured Whitepapers

Management Strategy for Network-Critical Physical Infrastructure

Greening IT with Server Consolidation

Learn how virtualization reduces the TCO of managing your date, while contributing towards your sustainability efforts.

Featured Whitepapers

Faster, Cheaper and Easier to Maintain: Can You Afford Not to Upgrade Your Servers to Today's Advanced, Energy-Efficient Technologies?

Premium Tools

Browse

The IT Service Catalog Management Toolkit

Bridge the IT-business gap once and for all! A well documented IT services catalog is the conduit for IT services to the rest of the company.

Learn more >

Six Sigma Framework for IT

This collection of tutorials, calculators, and templates will show you how to apply Six Sigma thinking to IT service management.

Learn more >