Far from being a major player in IT security today, Google has ambitious designs on becoming a big name in the burgeoning hosted security market, begging the question, Will your organization ever be ready to let the world's largest information retrieval company safeguard your crown jewels?
To hear Google talk of its plans for a multifaceted filtering system geared toward locking down data, you might have to answer this question sooner than you think.
At the center of Google's security push are talent and technology brought on board in this year's acquisitions of message filtering specialist Postini and browser-based security software maker GreenBorder Technologies. According to Google officials, the company is confident that these pieces lay the necessary foundation on which to build significant IT security and compliance automation capabilities.
In fact, Google claims it is now as committed to creating tools to help end-users defend their data as it is to helping them search for information online, according to company officials.
But providing consumer-grade protection is one thing. Whether Google can successfully navigate the sophisticated security issues businesses face online is another. And the stakes could be significant, as a more security-minded Google Apps hosted productivity suite could give Microsoft a run for its Office desktop app money.
Postini as security platform
Shrugging off doubts about Google's ability to rise to the business-worthy security challenge, Scott Petry, founder and CTO of Postini, which Google acquired in July, said the search giant's security footprint has only just begun to take shape.
"When Google bought Postini, and in fact when Postini built its underlying architecture, it was not all about keeping spam from reaching peoples' in-boxes," Petry said. "They didn't buy bits on a server; what they bought, and what we built, was a platform for creating a range of different services around protecting content and monitoring usage patterns."
As evidence, Petry pointed to Google's recent integration of Postini's e-mail content policy management system into Google Apps Premier Edition, the first of a slew of online services Google plans to launch to help businesses and consumers safeguard their data.
Added to the release were data analysis tools for identifying credit card and Social Security numbers in e-mail messages, as well as policy enforcement options such as encryption. Google also added protection against so-called zero-day attacks and expanded message archiving features.
Additional security and compliance services already under development at Google will build on those capabilities, Petry said.
"We feel that we can build a broader umbrella by recognizing spam and malware before it reaches the network on one end, and by helping people monitor the outward flow of information on the other," Petry said. "We want to provide a stronger level of control for security over all types of content."
Should IT professionals assume consumers and small businesses will be the only beneficiaries of Google's security push, Petry points out that many of the e-mail and content management features added in the latest revision were designed specifically for large businesses.