This past week, several readers raised questions about our recommendation for Google Apps. One note (from our I.T. guy here at Team Expansion) reminded us that Google wasn’t really a technology company, at heart. Instead, he asserted, Google is an advertising company using Tech as the delivery vehicle. (Thanks Greg.)
Another reminded us of Google’s own Terms of Service,…
http://www.google.com/accounts/TOS
He added, “Google harvests everything (including sensitive information) that is sent through Gmail accounts. Data stored on Google Drive becomes property of Google. And the insidious part about this is that they do it with our permission (unlike the NSA that at least works to get at our sensitive data). They have categorically stated that you cannot assume any sort of privacy when using Gmail (and by extension Google Apps). See:
He went on to say, “Some of the tech people I have contact with have even reported private links to private websites suddenly showing up on Google after they were emailed to someone with a Gmail account who needed access to the site. Google Chrome also harvests information that they have no business having (see here:
http://www.srware.net/en/software_srware_iron_chrome_vs_iron.php
“so, according to this Brigada participant, it is not a browser for people in sensitive locations.” (Thanks J…)
Does this affect your willingness or likelihood of using Google apps for your team’s content? Knowing that they data-mine everything (including the content you place in your private docs), should you be thinking of switching to a secure solution, and if so, which one(s) are you considering? Please click “comment” under the web version of this item. Thanks for any insights you can share.
For those concerned about these sorts of things (and who shouldn’t be?) then I would recommend Office 365. Here is a good comparison of the two platforms:
http://www.infoworld.com/d/cloud-computing/review-microsoft-office-365-vs-google-apps-233667
Here is the link to try out Office 365
http://office.microsoft.com/en-us/
Disclaimer: I use the Office platform, not the Google Apps platform.
One more comment about Office 365 – if your organization is an officially recognized not-for-profit that meets certain guidelines, you can use Office 365 for free.
http://office.microsoft.com/en-us/non-profit/office-365-for-nonprofits-FX104085114.aspx
Data stored on Google Drive explicitly does not become the property of Google. From the TOS link: “Some of our Services allow you to submit content. You retain ownership of any intellectual property rights that you hold in that content. In short, what belongs to you stays yours.”
if concerned about privacy and security, liberal use of encryption is advised – but having said that, the risk of using Google services is primarily that of targeted advertising, and having all your data in one place for governments to access. If unfriendly governments are a concern, again, encryption is your best defense (even against the NSA) – things like TrueCrypt, Tor, Lantern and PGP/GPG are still very useful tools.
I’m an IT and security professional myself, and the value proposition posed by Google Apps is enough for me to be relatively comfortable hosting my own sites and content there (although there are certain things that just don’t go to Google at all; SpiderOak is a good cloud storage solution for those with a strong interest in privacy and security).
Greg’s not wrong, but perhaps overstates the risk for most users (users in parts of the world with unfriendly/undemocratic governments need to take precautions against risks that the rest of us don’t generally face).
also, most of issues with Google are going to arise with *any* cloud service provider, unless you find one that’s specifically engineered around providing privacy and security in exchange for money (all free services are going to have the same kinds of issues – the service is paid for by monetizing your data).
and even for-cost service providers are going to have the problem of compliance with various government data requests, whether those governments are democratic/friendly or not. if this is a risk: use encryption, liberally. (another excellent tool is the OTR library – http://www.cypherpunks.ca/otr/ – which is available for the Pidgin instant messaging client (which supports Google Talk and many other services), the Adium IM client (Pidgin for Macs), IM+ Pro (Android and iOS) and others.)
I wanted to ask about a related issue. The Apple OS Mavericks has eliminated the ability to sync contacts and calendar from a macbook to other Apple devise via USB. You now have to use the cloud if you want to sync this data on a newer mac. Does anyone have a work around or solution?
Google is easy to pick on, but the ruling in the first article applies to every single email service. The complaints about Chrome in the second article are mostly related to information that is already available to the websites you visit and the servers between you and them.
Google is one of the tech organizations that is telling the US government to quit screwing up internet security and moved out of China over its unwillingness to compromise its users.
I’d be way more concerned about the integrity of the people who run my VPN, my small scale email service, or some cool new startup. Google has the eyes of the world on them. At least you’re probably going to hear about what they’re doing with your data.
The privacy and security settings for Google Apps depend on the terms of service for your instance. We have been using Google Apps for Non-Profits (basically the same as Google Apps for Education) for over a year. We looked very seriously at security and privacy concerns before making the move from our privately hosted solution.
The Terms of Service for GAPPS for Education specifically exclude data mining from the core apps of Mail, Contacts, Calendar, Drive, and Groups. Specifically not protected are Google Search, Picasa, YouTube, Maps, Google+, Google Reader, Blogger and many others, including third party Apps. We have not enabled these services for users in our organization. We have also not enabled Hangouts, Google Talk, Google Analytics, and Sites because of unclear policies for these services which are changing rapidly. We have also limited sharing of calendars, Drive documents, Contact, and Group data to users within the organization.
GAPPS is totally free for us and we are very pleased with the experience, despite a complicated migration task on initial deployment (for several hundred accounts and hundreds of thousands of email). We are aware of several other large mission organizations who are in the process of migration to GAPPS for Non-Profits.
We are using GAPPS for workers in sensitive countries.
Here are some links for further information:
https://support.google.com/a/answer/60762?hl=en
http://www.nyu.edu/its/google/
The risk to security for these types of services is minimal compared to the risks posed by easy to guess passwords, use of the same passwords across multiple services, the level of physical security and encryption of local devices (e.g. email on a laptop or phone), and communication over unsecured Wifi or government owned systems without a VPN.
I was about in install Iron browser myself then thought to search on it (duckduckgo not google :-)) and found some negative points with Iron Browser.
Without putting fat onto the fire I wonder about the motives for this version of Chromium.
Some of those comparisons mentioned in your link are scaremongering and it appears one of the main purposes of this version of the Chromium browser is for the developer to make money from google ads.
Here is an interesting (excuse the ripe language used on the page) that gives an explanation that appears true.
http://www.insanitybit.com/2012/06/23/srware-iron-browser-a-real-private-alternative-to-chrome-21/
CM2 MT2 Show Only 3 Model & New Boot File Add All Model FIX All Model Added Fix Done
http://88pokeronline.co/situs-bandarq-online-terpercaya/