Google responds to data concerns over cloud apps

By Iain Thomson on Jun 17, 2009 2:16PM
Google responds to data concerns over cloud apps

Google has responded to criticism that its online applications have poor security.

In an open letter to Google chief executive Eric Schmitt 38 computer scientists, law professors and security experts highlighted their concerns over the current state of security in the inline applications.

“Google’s default settings put customers at risk unnecessarily. Google’s services protect customers’ usernames and passwords from interception and theft,” the letter reads.

“However, when a user composes email, documents, spreadsheets, presentations and calendar plans, this potentially sensitive content is transferred to Google’s servers in the clear, allowing anyone with the right tools to steal that information.”

The letter, signed by such luminaries as Dr. Ian Brown from the Oxford Internet Institute, Jeff Moss (founder of the DEFCON hacking conference) and Brice Schneier, chief security officer for the BT Group, urges the company to make HTTPS an opt out rather than opt in service and increase the visibility of encryption services.

Google has been quick to respond to the criticism. In less than 24 hours the company had replied on the Google online security blog, with a promise to introduce HTTPS into all Google apps as soon as possible.

“We're planning a trial in which we'll move small samples of different types of Gmail users to HTTPS to see what their experience is, and whether it affects the performance of their email,” said Alma Whitten, a software engineer in Google’s Security & Privacy Teams.

“Unless there are negative effects on the user experience or it's otherwise impractical, we intend to turn on HTTPS by default more broadly, hopefully for all Gmail users. We're also considering how to make this work best for other apps including Google Docs and Google Calendar.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
apps data centre google googles https letter security

Partner Content

New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
MSPs with a robust data protection strategy will achieve market success
MSPs with a robust data protection strategy will achieve market success
How Expert Support Can Help Partners and SMBs Realize the Full Value of AI
How Expert Support Can Help Partners and SMBs Realize the Full Value of AI
Empowering Sustainability: Schneider Electric's Dedication to Powering Customer Success
Empowering Sustainability: Schneider Electric's Dedication to Powering Customer Success
Guiding customers on the uneven path to AI adoption
Guiding customers on the uneven path to AI adoption

Sponsored Whitepapers

Cut through the SASE confusion
Cut through the SASE confusion
Stay protected as cyber threats evolve
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The changing face of Australian distribution
The changing face of Australian distribution

Most read articles

Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!

Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!
The State of Channel Security

The State of Channel Security
Channel faces AI-fuelled risk as partners lag on data resilience, Dicker Data summit told

Channel faces AI-fuelled risk as partners lag on data resilience, Dicker Data summit told
Announcing the 2025 Benchmark Security Awards Partner finalists

Announcing the 2025 Benchmark Security Awards Partner finalists

Log in

Email:
Password:
  |  Forgot your password?