All about Mobile, Web, Technology, Politics, Security, E-Commerce and Living in the Philippines.

Saturday, March 04, 2006

IT managers to ban Google Desktop over security fears.

According to the article published by Silicon.com, UK IT managers are taking measures to ban and purge Google Desktop (GDS) on their networks. It is said on the article that one of the main reason is that the new version of GDS which allows ‘search across computers’ poses an unacceptable risk to many organizations.

Upon just reading the first few lines of the story, I can immediately say this story is just blown out of proportion and a total BS. First of all, on a corporate network setup GDS should never be installed nor anything else should be installed unless its required to perform the task assigned to a project or IT department on general which usually falls in the Acceptable Use Policy (AUP) of the company.

In my opinion, any IT company which allows users to install applications such as GDS, Yahoo IM, Skype, mIRC, p2p or any messaging and desktop enhancements in the first place is just plain lame. Of course they are security risk, any application that’s not audited for security and stability is a risk; it doesn’t only compromise security but productivity as well! If search functionality is really needed by a company they should buy a search appliance which is offered by many search companies as well as Google.

(update)

I have received alot of emails regarding this post and i wish to clarify.

- I'm not saying all the mentioned application would be banned, only that AUP shouldn't allow them to be installed on corporate networks. If you are using it on your own personal/home internet network then its fine.

- In special cases such that companies have disjoint internal and external networks then as long as AUP says it wont endanger the secured network then fine, use it.

- I guess my statement is valid only on "general" corporate setup, but if your asking me if this should hold true under speacial network setups in your own offices then your Administrator and IT managers are the ones more capable of determining the suitable AUP for you :)


4 comments:

Phil Wolff said...

What do you think of the general approach that pioneer users show the way to meet their needs and those of others? And that IT should enable instead of restrict?

godieYOSI said...

If you’re referring to the pioneer users of GDS, I believed the news was never about if GDS is a security risk and counter-productive or about the technology itself.

It's more on a management issue that’s plaguing a company/IT sector.

Let’s look at it on a different angle, an IT person like me will probably argue that control over my working environment is needed to effectively carry out my duties, such that I can freely create or acquire then use the tools I deemed necessary. As much I would like to agree with this reason (since I’m also an IT person who also has frustrations about strict working environments), I believe going against an AUP will be selfish! It could be true that my entire team and I can be very proficient with help of such “tools” but not as to selfishly endanger the rest of company due to its security flaws. That’s why for such marketing reasons, productivity “tool” usually comes out in two versions: commercial/free and enterprise/corporate, where your company can purchase the corporate version which should come with security guarantees (ex: Google search appliance)

How about tools like GDS which come only in one-use-this-at-your-own-risk package? If such tools were really a requirement, proper environment should be placed to use and test such tools such as a hardened network and some tools has license allowing it to be “forked” into a hardened version for corporate/private use.

Please remember, products such as GDS, Yahoo messenger, Skype, and web services in general should be considered as tools for casual and entertainment use only and has no place on a corporate and secured environment. Companies who wish to use such tools should either acquire a corporate version of it or use a secure alternative.

godieYOSI said...

Opps i forgot to answer the second question.

"And that IT should enable instead of restrict?"

It depends on your company's AUP.

To give an example, my company has two networks, an internal and external. The internal network has strict AUP since it contains prototypes and delicate data while the external network can connect to the internet freely. The two networks are not connected except for large data transfer and are also monitored.

In this set up, we both have security and a bit of freedom. I even have a GDS on this PC :)

Anonymous said...

Hello, thanks for linking to my blog. Nice to see my site linked to yours.. :) I'll be a regular visitor now.

- Carlo
http://carlotech.com

Related Links