Friday, February 23, 2007

SaaS Challenge Mounts: Is Google the next Microsoft, security-wise?

Two eWeek headlines appeared this week, as if on queue, one right after the other: Google Patches Security Vulnerability in Desktop Search and Google Apps Premier Edition Takes Aim at the Enterprise.

What do you bet that the sparks really flew at Google HQ over that timing? First, a quick reminder that we, Google, have to patch security holes, just like Microsoft. Followed by, tada! Premium enterprise apps, just like Microsoft. From my perspective this was great timing, IF it helped potential enterprise clients stop and think twice before embracing software as service web apps.

Don't get me wrong, I have been using and enjoying Google's free document and spreadsheet apps in beta. They offer a lot of convenience (not to mention great functionality for the price). But you won't find me using them for sensitive business data any time soon. There is no way I am going to be the first to find out that Google, in its enthusiasm for offering neat tools to the world, missed some of the security implications and exposed "my stuff."

From an enterprise perspective I would be blocking employees from using the free version on company machines and connections. And, no offensive to Google, but I would not adopt the paid version without a very intense security review. (How intense? I don't think there are more than two dozen people on the planet with the kind of smarts it takes to do that sort of review to an appropriate enterprise level of assurance.)

No comments: