Chapter 2. Why Trust Google?

The SaaS model described in the previous chapter raises a number of security and data protection issues. At the same time, however, it offers new opportunities and new guarantees in those precise areas. This chapter presents Google's response to four important security-related issues: security against data theft, non-disclosure of data to third parties, guarantees as far as data availability is concerned, and finally, the existing solutions for retrieving data hosted by Google.

SaaS and data security

The distributed world that is emerging with the advent of SaaS raises new questions related to data protection and data security. However, existing solutions to those problems are often largely ignored and this contributes to anchoring doubt in the minds of many people. Too often, this doubt prevents the adoption of these new tools and ways of working. This is especially true in the business world, where such security issues are a particularly sensitive subject.

Of course, it is perfectly legitimate for potential customers of Google to ask these kinds of questions. This chapter thus presents Google's response to these concerns, within the specific context of Google Apps, both on a technical and an organizational level.

The present chapter specifically covers these topics:

  • Protection against data theft. The list of potential ill intentions is a long one. Threats could, for instance, stem from hackers looking for money or just for fame, from rogue states, or from companies that practice electronic market intelligence.
  • Data confidentiality. This covers the existing guarantees of non-disclosure of data by Google employees who could access it.
  • The availability of services and data. This covers, in particular, the conservation of data over time.
  • Reversibility. By this, we mean the possibility that should exist for each customer to quickly withdraw all data hosted in Google's datacenters.

Due to lack of space, we won't address in detail here each and every technical or legal aspect related to data security or data protection. But, when appropriate, we provide references to Google material for those readers who would like to go into more detail on these matters.

SaaS opportunities

The questions related to the aforementioned four security issues are obviously legitimate ones. However, they should not obscure the important fact that the SaaS model, on the contrary, in many respects contributes to improving the security of information exchanges. As itinerant lifestyles become more widespread, the occasions for losing data stored on thumb drives or portable disks obviously increase. The multiplication of computers on which this same data is used makes the problem even worse by increasing the likelihood that the files eventually get infected by a virus. Finally, the multiplication of downloads from one computer to another and the repeated use of mail attachments favor virus propagation.

The situation just described should be contrasted with using a collaborative tool like Google Docs, for instance, where all documents are stored online, in Google's ultra-secure datacenters. No more worries about losing any documents! Moreover, each time a document is uploaded to or downloaded from Google, it undergoes a set of extreme defense measures administered by Google's mechanisms. Thus, no more worries about virus spread either!

Similarly, when a security hole is detected in an application, the SaaS model demonstrates significant advantages, especially when compared to the traditional procedure that involves installing software patches. Studies have shown that three to six months are often necessary before a patch is first made available by a software vendor and then actually deployed on all computers within a company. This extends the information system's period of vulnerability to attacks by the same duration. Conversely, fixing a security flaw in a SaaS service usually occurs much more quickly. Discovery, to begin with, occurs much sooner for simple statistical reasons: a much larger number of users are likely to detect it. The fix itself is faster too, because it happens directly on Google's infrastructure, without any user intervention.

What's Google's take?

Google's vision of security is based on a strategy that includes 10 components that provide control of data storage, access, and transfer:

  • Google corporate security policies
  • Organizational security
  • Asset classification and control
  • Personnel security
  • Physical and environmental security
  • Operational security
  • Access control
  • Systems development and maintenance
  • Disaster recovery
  • Regulatory compliance

We discuss the most important of these points in the next two sections.

Let's conclude this introduction by noting that, for Google, establishing a genuine trust relationship with its customers regarding security and confidentiality is of utmost importance. It is nothing less than the viability and the sustainability of its economic model that is at stake. The fact that the stakes are so high for Google remains perhaps one of its best guarantees of credibility and reliability on these matters.
