“Can I trust Google Docs with confidential information?”
That was essentially the question posed to me yesterday by someone I know. He was/is thinking of using Google Apps and Google Docs for his business, but he was concerned about the security of Google Docs. If he uses it to write up documents containing “internal” information about customers, how safe is that information stored up in Google Docs? Is there any chance that his documents could leak out to someone else? What security is there? Could he trust Google Docs to keep that information confidential?
Essentially the key question of these times: “Can you trust the security of ‘the cloud’?”
Sadly the best answer I could come up was:
I don’t know.
Of course, engaging my ultra-paranoid security-guy personality, the answer is very clear – ABSOLUTELY NOT! I mean, Google makes it explicitly clear in section 14 (2) of the Google Apps Terms of Service that there is no guarantee of security:
14. DISCLAIMER OF WARRANTIES
YOU EXPRESSLY UNDERSTAND AND AGREE THAT:1. YOUR USE OF GOOGLE SERVICES IS AT YOUR SOLE RISK. GOOGLE SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. TO THE MAXIMUM EXTENT PERMITTED BY LAW, GOOGLE AND PARTNERS EXPRESSLY DISCLAIM ALL WARRANTIES AND CONDITIONS OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
2. GOOGLE AND PARTNERS DO NOT WARRANT THAT (i) GOOGLE SERVICES WILL MEET YOUR REQUIREMENTS, (ii) GOOGLE SERVICES WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, (iii) THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF GOOGLE SERVICES WILL BE ACCURATE OR RELIABLE, (iv) THE QUALITY OF ANY PRODUCTS, SERVICES, INFORMATION, OR OTHER MATERIAL PURCHASED OR OBTAINED BY YOU THROUGH GOOGLE SERVICES WILL MEET YOUR EXPECTATIONS, AND (V) ANY ERRORS IN THE SOFTWARE WILL BE CORRECTED.
3. ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF GOOGLE SERVICES IS DONE AT YOUR OWN DISCRETION AND RISK AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR OTHER DEVICE OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OF ANY SUCH MATERIAL.
<snip>
No guarantee of security. No guarantee of availability. Really just “best effort”. From a “pure” security point of view, NO, I would not trust confidential data to Google Docs. That kind of information is best kept “inside the firewall” on the corporate LAN and on corporate servers under careful control.
And yet…
… the hard part of “security” is not being the one to always say no and instead work on “getting to yes”. The reality is that there is the age-old balance to be struck between “security” and “convenience/access”. Sure, the person I know could keep his confidential info on his own network, safe inside the firewall, and have all his remote employees in home or branch offices access it via VPNs. But inside the firewall there isn’t a collaboration option quite like that in Google Docs. Sure, he could find/buy/install a solution, but that then requires IT staff on his part as well as the commitment to keep the software up-to-date, fix issues, etc., etc.
The promise of “the cloud” is to get away from all those premise IT issues and costs.
The beauty of Google Docs is that his staff can all access various documents from wherever they are on the Internet. No need for VPNs. Just login via a web browser and… ta da… they can be writing documents, commenting on documents, etc. From anywhere. Home computers. Corporate computers. Mobile devices. iPhones. Whatever. People can collaborate faster… turn around proposals/deals… and ultimately probably win more deals and make more money.
But at what risk? Google Docs uses HTTPS (SSL/TLS) for login, but after that you are usually switched over to insecure HTTP. I’ve noticed that I can go and manually change the URL to “https://” and that works. I guess you could just send around https URLs and have people go into the docs that way… but that’s a manual interaction that won’t always be remembered. So odds are that your transport is not always secure. And the security of documents at Google’s site? No real idea.
Obviously, as indicated above, Google provides absolutely no guarantee of security, but from a practical point-of-view, you’d have to think that it is 100% in their best interest to provide such confidentiality and security. They are in a colossal battle with Microsoft for the ultimate control of your data… Google wants people to move away from Microsoft’s server/LAN-centric vision and “embrace the cloud” and is making a compelling case for people to do this. (And Microsoft realizes this and is responding with their own online offerings.) From a PR/marketing point-of-view, Google can’t have a breach of confidential information as that would play directly into Microsoft’s hands.
So what does one do? Do you take the security purist view and keep all your information behind a corporate firewall? Or do you “embrace the cloud” and let the convenience of access and the cost savings (vs premise IT) of Google Docs overrule the security risks?
I don’t know.
In the end, it’s really all about your level of tolerance for risk – and how confidential you really deem those documents to be. As we move more and more “into the cloud” this is a key question we all will need to grapple with.
What would you do? (or do you do?) Do you put confidential company data (memos about customers, sales proposals, budgets, etc.) up in Google Docs or other similar services? Or do you keep this kind of data “inside the firewall”? How secure do you think Google Docs really is?
Technorati Tags:
google, google docs, cloud, cloud computing, cloudcomputing, security, saas
I’m concerned about this issue, too.
I think at some point we’ll have end-to-end encryption on browser-based apps, so that data never enters or leaves Google Docs in cleartext, nor is it stored there in a format readable to anyone but you. I don’t think it’s an intractable problem: there are already quite good JavaScript crypto libraries, like the one from Clipperz (http://www.clipperz.com/open_source/javascript_crypto_library).
But Google Docs doesn’t do this (yet…?), and from a security standpoint I’d recommend against using it.
This has been something that’s been on my mind for a while, so I’m glad to see that you’ve saved me the trouble of researching it!
It’s an interesting time for people, where security and “openness” are on a teeter-totter for most of us.
That is a great point. I’ve always joked with my peers that “security guys” take features away from end users and “voice guys” enable features for end users. Having an open (but paranoid) mind to “cloud computing” is the right perspective.
Because of Google’s Terms of Service, there is no way for us to scrutinize their cloud security (which is a combination of technology and process). If cloud services are ever going to impact the enterprise, companies will have to provide “Service Level Agreements” for uptime and security. Plus, they should offer third-party auditing which will give their customers some needed transparency.
I believe companies like Google will address this eventually. Right now, their focus is building a free service that is used by and scales to the masses (the consumer). Once they roll out their enterprise offering, it will likely address these security concerns. But, I highly doubt it will be free.
I suspect that confidential information shared via Google Apps might have been intersepted / leaked onto the public domain.
Please advise on similar occurences and what steps were taken to resolve the issue.