Twitter breach revives cloud security fears
Some interest groups are urging Los Angeles to rethink its plan to implement Google Apps.
Computerworld - Last month's breach of a hosted Google Apps implementation used by Twitter Inc. has heightened fears in some quarters that cloud computing could pose significant security and privacy risks to users.
The Twitter breach gave a hacker access to confidential company documents via an employee's work Gmail account that had been hijacked through the password reset feature.
Shortly after the breach, some public interest groups and local law enforcement officials cited potential security concerns in calling on the city of Los Angeles to reconsider plans to replace its Novell GroupWise e-mail and Microsoft Office software with Google Inc.'s hosted e-mail and office productivity applications.
The $7.25 million migration project is set to begin later this year after its expected approval by the Los Angeles City Council. City officials have projected that the move to Google Apps will save about $13 million in software licensing and personnel costs over a five-year period.
Consumer Watchdog, an advocacy group based in Santa Monica, Calif., said the Twitter incident raises questions about whether "Google's cloud as offered provides adequate safeguards." In a letter to several Los Angeles city councilors, the group urged that city IT personnel first test Google Apps with a small group of users, rather than following the current plan of implementing it for 30,000 users by the end of this year.
"Before jumping into the Google deal, [the city council] needs to insist on appropriate guarantees -- for instance, substantial financial penalties in the event of any security breach," John Simpson, a Consumer Watchdog project manager, wrote in a blog post.
In a letter sent to Los Angeles Mayor Antonio Villaraigosa on July 16, the World Privacy Forum encouraged the city to move "slowly and cautiously" in implementing Google Apps, citing "considerable legal uncertainty about the status of data in a cloud computing environment."
Matt Glotzbach, director of product management for Google Enterprise, said the angst voiced about Google Apps and the Los Angeles project is based on incomplete information. "From what I know of the city's operation, this is a security upgrade," Glotzbach said. "Those who may be unfamiliar with cloud computing see this as a security risk simply because it is new and because it is something different."
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts