|
In business, is anything really free? You’d be hard-pressed to find a product or service that comes without some form of cost, and whether it’s brand exposure or focus-group data. For cloud applications, Google has helped online business software push into the mainstream – but while much of Google Apps’ baseline functionality technically comes without a price tag, free is in the eye of the beholder (or the marketing team). Since Google’s revenue is primarily generated by advertising – 96% of it, in fact – it’s safe to say that user data is the cost of entry for using its cloud applications.
The entry-level version of Google Apps includes Gmail and Google Docs at no out-of-pocket cost. However, Google certainly gets something out of it, as its no-pay users provide paths for advertisement and demographic data collection. Many users may find this relatively benign since the convenience of Google’s anywhere/anytime cloud access outweighs the invasive nature of advertisements and data mining. Students and smaller businesses fit neatly into this category. What happens, though, when privacy becomes a top priority due to sensitive data? That’s when things go beyond a sidebar of annoying advertisements. In fact, Google’s recent Privacy Policy update has industry watchdogs raising a concerned eyebrow at just how private data may be processed and analyzed.
This past March, Google revised its user Privacy Policy; the company line was that it consolidated 60 different user policies into a single shared user experience, but critics noted that data mining for a “better” experience meant taking user history from, say, searches and using it to display a default YouTube home page video. User friendly? Possibly, but what happens when sensitive data is gleaned from emails or calendar? That’s when privacy lines are potentially violated for users who simply think they’re doing a bit of casual web surfing.
Beyond privacy, Google Apps also come with the security issues leading to potential hacker access. Like any cloud application, Google Docs and Gmail are dynamic — they are constantly being updated without any software installation or patches configured by the user. Many of these updates stem from fixing holes in security, which makes functional sense since the applications themselves live in the connected realm of the web. Google’s patch history dates back to the launches of each respective application, but it hasn’t always been an easy ride. Take the April 2010 Gmail fiasco, where pharmaceutical spammers hacked accounts to launch one-click advertising emails for illegal prescription drugs. Gmail maintains dynamic contacts, constantly adding to an address book — which is great when you want to remember a contact from years ago, but awful when spammers hack your account and can access everyone you’ve emailed since you signed up. Without a network-level of security, a hacked email account can quickly turn into something bigger.
There’s also the more traditional method of security flaws – a missing or stolen device. With Android devices taking up about 50% of the smartphone market, a lot of data can be left on the bus or at the gym. How bad could this data invasion be? Consider all of the ways Google has consolidated data – documents, emails, contacts, calendars, even payment via Google Wallet. A stolen phone can unearth a mountain of data, and in the wrong hands, sensitive information can flood out from just one missing mobile device. For personal information, this can mean some embarrassing photos or emails but if it’s a business phone, the stakes get exponentially raised.
A safer alternative to Google’s cloud suite comes from one of the usual suspects: Microsoft. While Google’s products are primarily aimed at the casual user, Microsoft has a much bigger focus on the business sector, and as such, uses a more measured security approach across a combination of software and infrastructure. Ultimately, this creates greater layers of defense for sensitive documents and information.
At its most basic, security is all about access – if you can’t access a computer, then you can’t hack into files. The anywhere/anytime access of Google Docs offers great flexibility, but is often unnecessary if you have staff coming in each day to sit at a workstation. Because Microsoft Office files are stored on a local hard drive, the pitfalls of Google’s cloud security flaws don’t come into play. Anywhere/anytime access is still available via VPN, but this uses the security and permission measures dictated by network settings rather than a general user privacy policy.
For many businesses, this means that data flow is overseen by an administrator through a management suite such as Microsoft System Center. Administrator management includes setting different levels of access permissions across both workstations and mobile devices. While Microsoft’s applications are following the industry trend of moving towards cloud access, collaborative sharing and work spaces are run through each application’s interface with System Center or other governing program.
As smartphones and cloud access become integrated into everyday business use, privacy and security concerns are scrutinized even further, and for good reason. These days, all it takes is one hacker invasion or one misplaced cell phone to leak all types of sensitive data, particularly if that data is completely synced into Google’s cloud suite – and without a system administrator to control permissions. There’s no single perfect solution when it comes to privacy and security, but the choice is simple when it comes to sensitive data. By using Microsoft’s applications in a network environment, sensitive data is protected by numerous layers of defense, ensuring that only appropriate audiences have access.
