Google’s Enterprise Credibility Is On the Line
Security flaws reported in Google Docs have been described. If Google doesn’t take these reports seriously, it will lose the enterprise users it is gaining, says Michael Hickins
If Google doesn’t straighten out its act in a hurry, it may lose the enterprise crowd for good.
Google Docs has three potentially crippling security breaches, including one that that put recent Gmail availability issues into proper perspective. That’s because if this is true and goes on for much longer, there won’t be any Google enterprise users left to care.
The worst of these issues, brought to light by security researcher Ade Barkah, is that “even if you unshare a document with a person, that person can in certain cases still access your document without your permission, a serious breach of privacy.”
Barkah is holding technical details back in keeping with his policy of responsible whistle blowing.
He also highlighted two other issues: Images embedded in a document can be accessed even after the document itself has been deleted; and if you share a document carrying a diagram, the person you share it with could see older versions of this diagram (which you might not want to share).
This isn’t about service-level agreements or whether you like the UI of Docs. It strikes at the basic premise of Google Docs, which is the ability to share and collaborate. If you can’t trust Google to keep your documents to itself, who can you trust?
Google’s response so far has been one cut above dismissive:
We take the security of our users’ information very seriously and are investigating the concerns raised by the researcher. Based on the information we’ve received, we do not believe there are significant security issues with Google Docs. We will share more information as soon as it’s available.
So do they think there’s a significant security issue or not? Because if not, there wouldn’t be any more information to share “as soon as it’s available.”
Google can mess up in a lot of ways and beg forgiveness. It can even wreak havoc with consumer-facing applications. People will always need to search the Web. But if it wants to be taken as a serious enterprise player, it had better not lose the trust of those customers, because it will be impossible to win back.
Michael Hickins writes the GoogleWatch blog at eWEEK.com
