Google Copies Corporate Data to Google's Servers?

Penguinisto writes "According to Silicon.com, some CIOs have been seeing their company data being transferred to Google's servers as part of Google Desktop's functionality." From the article: "Mark Saysell, IT director at Coutts Retail Communications UK, said he is planning a network audit to find rogue installations, which will then be de-installed. New security measures will also be put in place to prevent further downloads. He said: 'Google has definitely over-stepped the mark and in turn is forcing IT departments to take a very draconian approach to machine security and web access.'"

This is dumb

[Danse]

If CIOs don't want people using Google Desktop, then make it a policy that they should not use it. Enforce the policy. End of story. Don't blame Google for making a tool that a lot of people find useful. There are other ways to give your enterprise the same capabilities without compromising your data.

Re:CIOs, come on, go(ogle) for it!

[saleenS281]

Except, as we've seen, even the great google has software vulnerabilties. Whether they are trying to be good citizens is irrelevant. What happens when hackerX finds a hole and has access to * corporations NDA type information. I know I'd rather have it stored away on an internal server behind a vpn and several firewalls with IP based filtering than on google's network, but that's just me.

Re:CIOs, come on, go(ogle) for it!

[Knight+Thrasher]

You;re forgetting crucial items, such as payroll and customer information like personal info and credit card info, for example. These two things alone would convince me to lock down my workplace from using Google Desktop. That is data I don't want easily distributed in any fashion.

Not googles fault

[The+Mysterious+X]

This isn't an issue with google. It's an issue with the users.

Search across computers is disabled by default. It doesn't even ask you to enable it in the intaller. You have to hunt through the options to turn it on.

It's not google "overstepping the mark" it's incompetant users changing settings they don't understand.

On a different note, if I were a sysadmin, then I would not be letting them install GDS anyway, without authorisation. They are company machines, subject to company rules, and should only run company software.

Re:Not googles fault

Google has one goal and one goal only: to get paid to put an advertisement on every piece of information you see. In chasing that end they will be exactly like every other money grubber on the planet and do the absolute minimum necessary to avoid liability. Making a program that makes it extremely easy to do something complicatedly bad is not good.

By making products whose normal functioning is a security risk, in the eye's of IT managers and system administrators Google is aligning itself with the likes of Sharman Networks. Instead of being a useful tool, Google is putting a cost on organizations so that Google can drive up it's market share and make more money for themselves.

People talk about Google being a good corporate citizen. No, Google is not a good corporate citizen. A good corporate citizen wouldn't carry out activities that cost other people money in order to drive up their own profit.

In short, Google is a bunch of wankers.

IT Maintaining Software

[ThePepe]

Is it really asking too much of an Admin to maintain good software installation permissions and policies? If untrustworthy users have been given high enough authority to install their own software then Admins have no one to blame but themselves.

Well you can probably blame management too.. thats always good.

Re:more sensationalism

[Reality+Master+101]

This article is a joke. It's all about quoting people talking about how dangerous the new version of Google Desktop is when Google is very up-front about telling you what features will result in data being copied, and how to turn it off. IT'S DISABLED BY DEFAULT. You have to WANT to turn it on.

I see you've never worked in customer support. Rule #1: People f*** with stuff. If there's a way for users to screw things up, then users WILL screw things up. All it takes is one secretary in the wrong position to flip the switch and suddenly you have Ubersecret Documents flying out of your not-as-secure-as-you-thought network. Sure, I doubt Google is going to spray your documents all over the web, but if I was a CIO whose entire livelihood depending on locking down the network of a multi-billion dollar company, I wouldn't want this thing on my desktops, either. The "neat-o" functionality provided just isn't worth the risk that someone might sniff out the data somewhere in the chain.

Re:more sensationalism

[duffbeer703]

When one of your bank's employees decides that he WANTS to "share" your personal data with his home PC, don't bitch.

Doing what it's designed to do

[Todd+Knarr]

Google Desktop is doing what it's designed to do: keep user's data on central servers so it's accessible from anywhere. It's just that it makes the assumption that all of the computer belongs to the user. Obviously in a corporate environment that's not the case, but Google Desktop doesn't know what kind of computer it's on so it can't do anything about that. The company needs to be more emphatic about the "no unauthorized software" rule (they do have a "no unauthorized software" rule, don't they?).

Re:more sensationalism

[Knight+Thrasher]

At that point Google Desktop would be more of a tool, and it would fall more on the employees shoulders for responsibility.

If I install a FTP server app on my computer at work, set it to allow anonymous and share my whole hard drive, that's my fault when feces meets oscillating blades.

google value

[woverly]

This is where Google's greatest value really lies: data mining. The possible advertising revenue pales in comparison to the value of the corporate (and even consumer) intelligence that Google collects. Simply being able to detect that persons in company x are suddenly interested in company y and that investment bank z is also interested in company y would allow one to predict things like mergers. Increased specific searches around the holidays might help predict which retail chain might do well. The power of Google should not be underestimated.

Easy solution

[GmAz]

Tell your employees not to install the software. Its not that hard. And if the employee does install it, hold that person liable for the data transfered.

Re:more sensationalism

[jibjibjib]

If they're trying to stop employees *deliberately* getting their data copied to other servers, they would need to block internet access altogether. On its own, banning Google Desktop would not help to stop people who actually want to send data to places.
There is a possibility that someone might not understand what they're doing, and accidentally enable this option, but similar possibilities exist with any Internet software, so there's no reason to single out Google Desktop specifically in this case.

Re:more sensationalism

[g0at]

This article is a joke.

Zonk posted the article. Just like the completely misleadingly-excerpted Apple one earlier. Are you surprised?

-b

These CIOs should also

[moria]

They should also forbid/filter HTTP POST requests, IM file transfers, e-mail attachments, and any internet application that would allow the enterprise data to flow out of the company network.

This style of ruling totoally miss the point. You should teach your employers to generally avoid leaking enterprise data out of the company network and the risks of using certain applications. It is not to disable or to forbid the use of certain programs. Google Desktop Search is not built to compromise your data security, especially when this contradictionary function is turned off by default. It is your disloyal employer who you should be careful about. Your employ will always find a way if he wants to leak the enterprise data.

Google has Overstepped the mark?

[logicnazi]

By doing what? Releasing a software package which does exactly what it says it does?

Might as well say the people who wrote FTP overstepped the mark as it doesn't stop people from sending sensitive data outside the company.

Here's what's dumb

[fm6]

Which is exactly what the CIO did. What's dumb is that Google (allegedly) got careless about copying data, putting the CIO in the position of having to ban the program. And what's absolutely stupid is idiots like you insisting that it's no big deal, just because nobody's forced to use the product. That's like saying that exploding laptops are no problem, just because only some brands explode.

I use Google desktop, and find it very handy. It's quite possible I'll have to give up using it because of this issue. That doesn't make me feel well-disposed towards Google, or inclined to try any new products they might release.

WTF?!

[d34thm0nk3y]

If these people have such sensitive data on their machines why the hell are they allowed to install any random software off the web onto them?? You can get "software" that does waaaaaaay more than just cache some of your files online, and you might not even know you installed it.

Re:more sensationalism

[jdgreen7]

Normally, I would agree with you. But, seeing as how the Google Toolbar is now included with the latest Sun JVM (even when simply doing their "security updates", you have to manually uncheck the option to download that tool), I'm getting a little leary of the Google monster. It's one thing to offer a service to someone as an option, but quite another to bundle your service with unrelated options as part of "security updates".

Who's to say that Google some day won't decide to enable this feature by default in the future as part of their own security upgrade? We've finally taken the stance of not allowing employees to install ANYTHING on their PCs anymore as a result of such bundling in addition to more and more spyware crap recently. A little more work for us in some aspects, but I think it will save us down the road.

Google doesn't understand corporate IT

It seems to me that Google is in the same position that Microsoft was years ago, when corporations all ran Netware or IBM servers because Microsoft products were naive about corporate reqirements. Google will probably climb the learning curve faster than Microsoft did, but they aren't there yet. /. readers who make suggestions like "forbid installing the software" or "fire users who do it" also don't understand corporate IT. Some corporations have desktops locked down so users can't install software, but some don't because their users are higher level and need to install selected applications.

The suggestion to fire users who turn on the data upload is also hated by IT managers. Corporations are full of clerks and other mid-level people who never read IT policy documents, don't really care about security, and like to turn on cool features. The IT manager is not going to look good if he tells HR "Sally who is otherwise a great employee checked this box because she didn't know she shouldn't, so now you have to fire her".

IT managers differ, but they generally want to give users as much functionality as possible, as long as they are sure it is safe and reliable. What an IT manager probably wants are network-level options to (1) forbid Google desktop entirely, (2) allow it but disable the data-sharing features, (3) leave it up to the user, or (4) do a mandatory (push) install to all desktops. Then the IT manager would want a web page or other report to see who had done what.

When Microsoft figured out requirements like these, they invented Active Directory and its Group Policy component. Look at products like Symantec Antivirus Corporate, where you can look at all desktops and verify their antivirus status from a central console, or Microsoft's own free WSUS which lets you make sure everybody in the corporation has installed all critical patches.

These are the kinds of solutions that work in the real world as opposed to firing people, and as soon as Google figures this out they will be a lot more popular on corporate desktops.

Re:Google doesn't understand corporate IT

The thing is, Google has provided *all* the features one needs to manage this through GPO. I work for an extremely paranoid company, and after some specific review we decided that Google Desktop provided entirely sufficient control through Group Policy objects to enforce company policy on data management.

This includes control over:
    1) Which features users can enable
    2) Which features must be enabled
    3) Forcing encryption of indexes on a per-user basis
    4) Which versions of the product can be installed
And much else.

With a single GPO switch I can turn off Google Desktop across the enterprise, prevent a new release from working, or force an upgrade. What's not to like? The the cross-desktop search feature was announced we blocked installs until we understood how to control it, then put those controls in place and got on with our lives.

The core problem is Corporate IT departments not spending the time to explore possibilities in new products - their knee-jerk reaction is 'no' (for many reasons). This is a case where I'm glad my team did our due diligence, because it allowed us to safely approve use of a free product that significantly enhances employee productivity.

Don't be stupid - read the docs and make your users happy.

Blaming Google is Bullshit

[richg74]

From TFA:
$ORGANIZATION is about to update its information security policy in light of Google Desktop with a recommendation that the software must not be downloaded onto any ... PC.

For heaven's sake, what planet do these people that are allegedly responsible for IT come from? Let's see:

1. Express great concern for security of secret corporate data
2. Allow users to install software on their PCs
3. Express shock and outrage that potential security problems develop
4. Blame Google !

I've worked as an IT director in a few financial services companies over the last ~20 years, and everyone employed there, on their first day, had to read and sign something like this:

I understand that computer equipment and facilities provided to me are the property of the Company, and are to be used only for permitted business purposes, as outlined in the Computer Use Guidelines. In particular, I understand that unauthorized removal of Company data from the premises, or installing or downloading software from any unapproved source, are grounds for immediate termination. I acknowledge receipt of a copy of the Computer Use Guidelines.

We would install or make available external software if it was useful and appropriate, after testing it. Otherwise, no dice. Will some people complain? Absolutely! Tough shit.

Re:more sensationalism

[AusIV]

So Google shouldn't create a useful tool because it might be abused? There are plenty of ways that employees can share data that employers would have a hard time stopping, but every one of them is deliberate. If an employee is sharing data they shouldn't be sharing, that's the employee's fault, not Google's.

From a networking standpoint, Google Desktop is as easy to block as any other protocol. I have no problem with companies banning Google desktop on their systems, but isn't it a bit extreme to say Google shouldn't have made a product that many people are using quite productively, just because they have to take efforts after their own employees abuse it?

what a load of FUD

[dargon]

This is really no different than if I sell you a canister of propane with a big warning label on it that says, "If you place this canister into a fire it will explode, killing you". If someone is stupid enough to actually do it, do you really think the company that made the canister is responsible?

- Google Desktop has the functionality to uplaod data to google servers
- This Functionality is turned OFF by default
- To turn this functionality ON you have to purposely navigate to it, it's not out in the open
- Any employee dumb enough to do this in a corporate environment is not an employee you want working in said corporate environment
- None of this is GOOGLES fault

Just because you make an item with a certain potential level of functionality that could be misused doesn't mean it's your fault when Joe Dumbass misuses it.

Re:more sensationalism

[Rolan]

Well...isn't that what this article is about? Sounds like you agree with the CIOs.

Not really. The CIOs in the article are saying that it shouldn't be installed at all. What I'm saying is that the product itself is not "harmful", but simply a feature of the product that is turned off by default. So, there's no problem with allowing people to use the product, so long as they do not turn on the feature. The policy you write is that the feature can not be enabled, and that is what you audit.

If Google wanted to deflect this criticizm even more, they'd do a bit of extra code to allow Group Policy to disable the feature and keep users from enabling it. However, there's not much to criticize about it in the first place. It clearly states what happens if you turn on the feature (some files are stored on Google's Servers) and the feature is off by default. People who turn it on know what they're getting into here; it is very clear. If corporate IT/CIOs have problems with their users, then it is the user to blame, not the software feature.

This is like saying that Microsoft has overstepped the bounds by installing solitare and other games with Windows XP Pro, because it would be harmful to productivity.... The software's not the problem, the user is.

Re:more sensationalism

It's becoming such that the only difference between Google and is marketing.

Consider this:

"Install this great program. It does wonderful things. It has an option(*) that will allow you to do other wonderful things. Really these are great things that you want. Plus we're a really great company, who does no evil.

* Turning on this option that does really great and wonderful things which will make your life one hundred times better transfers everything you type and every file your have to our servers. But only for a little while. And we may or may not search through those files. This feature is great. You want it. It really is the best thing since digital circuits. And you can trust us. We're good people."

Now if it was signed Google, then all the techno-weiners who missed out on the dot-com bubble would be wiping the pre-cum off the ends of their peckers in anticipation.

But if it were Claria/Gator they'd be stridently whining about privacy violations, civil rights, etc. until they were distracted by the fake tits on the Sci-Fi series du jour.

Google is all about freedom of other people's information, but when it is a) their executives, b) their data, or c) might cut into their profits, they are more restrictive than a puritanical grandmother.

It's amazing the really technically complicated shit that Google comes up with in order to further their profit margin and shocking the way that nothing technically hard can be done to reduce the negative impact that Google's actions have on other entities.

Why Doesn't Google Do It Right?

[severoon]

I'm confused...google could have its cake and eat it too if they did this feature right.

Here's how it ought to work. Everything is encrypted client-side before being sent up to the google servers in a way that google can't decrypt based on your user account password guarding public/private keys you generate per machine in the GDS front-end. Only the public keys are shared across the network, the data is completely encrypted everywhere except the endpoints. What's the problem?

Ah ha!, you say, the problem is that they mine that data on their servers for information they can use to advertise at you. First, is this true? I haven't been able to confirm it, though it seems in line with their advertising model. Second, assuming it is true, there's no reason GDS can't create some kind of index over your data client-side and then send up the statistical summary of the info it mined. That way, there's no way the docs could be reconstructed, google gets their ad revenue, and users get their functionality without having to worry about data on google's servers.

Anyone have any notion of why this wouldn't work?

Microsoft: Different Tune? You bet!

[Saeed+al-Sahaf]

This isn't an issue with google. It's an issue with the users.

If this had been a Microsoft product, the tune here would be different. Much different.

Re:Microsoft: Different Tune? You bet!

[rob_squared]

Well, the windows equivalent is file sharing, and that's off by default too. And if it got turned on I'd blame the user, because they would have had to do it.

Parent Moderation -1: False logic.

Rule of thumb

If in order to make your point you have to make up an imaginary viewpoint that would occur under an imaginary situation, and then accuse other people of holding that imaginary viewpoint under your imaginary situation...

You don't have a point at all.

Oh So Moronic

[PacketScan]

"He said: 'Google has definitely over-stepped the mark and in turn is forcing IT departments to take a very draconian approach to machine security and web access.'" My favorite part of the story.. Draconain eh? why was the install allowed in the first place? Ever hear of group policy?

Re:CIOs, come on, go(ogle) for it!

[tftp]

There are 100 careless people for each crooked one. Your bank's CIO may have a policy of strong passwords, fingerprint authentication and such, but how will that help if Mary the teller sets up her Google account 'MarySmith' with password 'mary' ?

This is the crucial difference between shooting someone into the heart vs. letting a careless person to borrow your handgun. In former case you do the deed. In latter case you set up the trap and wait until someone falls in. You don't even care who, as long as enough people enable this feature. In a large company 999 employees may be wise, but it takes only one stupid secretary to publish the whole company's network shares that she can read - and Google says that they can't promise that the data - any data - will be ever fully deleted. Technically that might be true (due to backups, distributed storage, etc.)

Re:more sensationalism

[rtb61]

Actually the whole story doesn't make any sense at all. Employees at large companies installing what ever software they feel like. These people don't need to be worrying about Google desktop search they need to be installing Linux desktops now and taking control over the corporate desktop and software environment.

If anything goes wrong in IT at a company it is the IT departments fault, they choose the software, they choose the hardware and they implement both. Network and computer security is the IT departments responsibility and yes I know a lot of companies tend to treat security as a joke until there is a major failure, then blame the IT department.

This story is just another M$ beat up and doesn't relate to Google at all, it is really about the typical dysfunctionality of M$ windows and the difficulties in securing it properly whilst allowing users to make use of software on their computers with out being forced to allow them administrator access.

Re:CIOs, come on, go(ogle) for it!

[KDR_11k]

Microsoft doesn't copy local files to their server.

Re:Google provided a way to disable it, corporate-

[Sven+Tuerpe]

It took a bit to dig this up, but it turns out that if you set the registry key ...

If they really do not want to be evil, they should:

• Provide security documentation, and make it easily accessible to everyone (as opposed to "hard to dig up"). Security documentations means a detailed and complete description of what the software does, how it communicates, and how to prevent it from doing what the operator of a machine or network might not want it to do.
• Offer multiple documented ways in which typical security policies could be enforced. For instance there should be an alternative for situations where group policies aren't an option, like communicating with Google's servers in such a way that perimeter filtering (read: firewall rules) can easily be used to suppress communications.
• Make sure that the administrators of a network remain in control over individual functions and services. Enforcement of a security policy, in whichever way it may be implemented, should not have side effects on other services. It should not be necessary e.g. to block all Google access or to route all Web access through a mandatory proxy in order to suppress one particular function of Google Desktop.

In other words, I would like to see Google Desktop use e.g. a specific source and/or destination port that can be blocked at packet filter level, and I would like to see this documented. I haven't verified whether it does so already, though.