chamber logo tagline
banner

Spotlight On:


Mathnasium


San Diego Crew Classic


JA Cooley Museum


2Go Tools


Archangel Global Security


San Diego Chiropractic Wellness Center


CGP Maintenance & Construction Services Inc.


dk3 studios LLC


Hometrax.com


Tilted Kilt

 

  March 4, 2010       |      Volume 4, Issue 3         |        www.sdchamber.org      |       contact us


Do You Use Google Docs?

Google Docs is a product from Google that allows you to create documents, spreadsheets, forms, and presentations on the web or your desktop and then upload and share them for collaboration. That sounds like it might be handy, doesn’t it?

Well, yes, but this also comes with some risk. You still need to back up your data. Even Google can have a data loss problem or downtime that leaves you without access.

Google is able to see all of your documents. If you trust Google with the knowledge of what is in your documents, that’s fine. If you have something that is proprietary, however, you might want to keep it entirely in your control. This really goes for any online service.  Another concern is that if a collaborator’s email account gets phished, then the attacker has access to your documents as well. The hijacking of email accounts has been a pretty significant problem and you need to recognize the risk.

You never know what might happen when your data leaves your control. Users of Google’s Gmail recently found this out the hard way. One day Google decided to convert all Gmail accounts to a social networking account called Google Buzz. For many users this meant that all of the sudden the names of the people they exchange email with became public information. While the contents of the emails were not made public, in some situations just knowing who a person contacts does constitute a pretty significant privacy violation. Google was clearly in violation of its own privacy policy and after three or so days, changed the way Buzz works so that email contacts are no longer exposed without permission. To this date, Google has not apologized or admitted wrongdoing. This does raise an interesting point. Security professionals have long taught that as a company if you make policies that are neither enforceable nor enforced, it really isn’t a policy and does nothing to help you. It would appear that Google’s privacy policy is pretty unenforceable.

There can be some real conveniences to putting documents on the web for collaboration, but do keep the risks in mind and decide what is appropriate to be on the web and what needs to be kept under your own control.

For general computer security questions, contact Randy Abrams, Director of Technical Education at askeset@eset.com.

 

 

Back
   
ATTBank of America ESET Wells Fargo