
Security

November 23, 2009 12:29 PM PST

Chrome OS security: 'Sandboxing' and auto updates

by Elinor Mills
  • 19 comments

With most computers threatened by attacks coming through Web applications, it's no surprise that security would be a key piece of Chrome OS, Google's browser-based operating system that stores data in the cloud.

In this video, Google security engineer Will Drewry explains how Chrome OS separates user data from root or system data, which makes the system more secure and the operating system easier to reinstall.

(Credit: Google)

Google showed off its new lightweight operating system designed for Netbooks and cloud computing on Thursday. As anticipated, it will rely on many of the same security features and concepts used by the Chrome browser.

"The browser is the operating system. We've expanded the browser to add operating system functionality," Caesar Sengupta, a group product manager at Google, said in an interview.

Chrome OS uses a combination of operating system-level protections and exploit mitigation techniques to limit the attack surface, or amount of code that can be targeted in an attack, and to reduce the likelihood of an attack being successful. "The biggest security impact is that all applications run within the browser," Sengupta said.

Chrome relies heavily on sandboxing, keeping different processes and applications in separate partitions. This limits the interaction between applications and the OS kernel.

For example, with conventional operating systems, if an application crashes, it can crash or otherwise affect other programs that are running, Sengupta said. "But if everything is sandboxed, that becomes more difficult to do," he added.

Many systems are compromised by deceptive attacks, such as when a user opens an innocent-looking PowerPoint file which unleashes a virus or other malware that can get access to everything on the computer.

With Chrome, "applications can't just download any binary and run it," Sengupta said.

Chrome has a verified boot process that uses cryptography to ensure that the Linux kernel, the nonvolatile system memory, and the partition table are not tampered with when the system starts up, according to a security overview of Chrome. (Google security engineer Will Drewry explains the security concepts of Chrome OS in a video on YouTube.)

"Right now, on your conventional operating system, any kind of process can run, which makes it difficult to predict what any process will do," Sengupta said. "On Chrome, because the whole operating system is essentially signed by Google, there is a lot we can do to make it secure."

If an application manages somehow to break out of the browser sandbox, to get through the kernel hardening and processing infrastructure, and manages to change something on the operating system, the changes will be detected the next time the user boots up the machine. "As soon as it detects something is different and not signed by Google, it will warn the user and try to clean itself again," Sengupta said.

Cleaning up is easier than with a standard operating system, too, because the system data is separated from the user data, which includes user preferences, system settings, and a local cache of data stored on the Google servers in the cloud, he said.

All user data stored by the operating system, browser, and any plug-ins are encrypted and users cannot access each other's data on a shared device, according to the Chrome OS security page.

Meanwhile, Chrome will automatically update to get the most recent software and patches for the operating system, just like the Chrome browser updates in the background while users are online, Sengupta said. Users will not run the risk of having their system get infected or compromised before they can install updates, as happens with Windows and other software.

In addition, the antiphishing technology found in the Chrome browser will protect Chrome OS users from inadvertently visiting malicious Web sites, he said.

Google is publishing detailed design documents on Chrome OS, which will allow security experts to scour the code for weaknesses over the next year before the operating system is released to the public, according to Sengupta.

There are some security and networking technologies that are supported in other operating systems that Google is passing on, at least for now.

Google will keep an eye on biometric authentication technologies, but believes that the cost/reliability trade-off is not where it needs to be just yet, according to the security overview for Chrome OS. Smart cards and USB crypto tokens are "interesting technology, but we don't want our users to have to keep track of a physically distinct item just to use their devices," the overview concludes.

Google is likewise not interested in Bluetooth, a wireless protocol widely used in laptops and handheld devices, for authentication. "Bluetooth adds a whole new software stack to our login/screenlocker code that could potentially be buggy, and the security of the pairing protocol has been criticized in the past," the security overview says.

Updated November 24 to clarify that Bluetooth is not being considered for authentication.

Originally posted at InSecurity Complex
November 5, 2009 9:44 AM PST

Google privacy controls: Most people won't care

by Matt Asay
  • 21 comments

Google's biggest threat is no longer Microsoft. It is itself.

As the company harvests copious quantities of personal data, it becomes dramatically better at serving customer needs...

...and at freaking them out over privacy concerns.

In other words, Google gets stronger with every Google Doc created, every Google Voice call dialed, and every Gmail e-mail sent. It becomes stronger because data is the heart of the Web's biggest businesses, as Redmonk analyst Stephen O'Grady implies.

But in so doing Google also becomes more threatening to the very consumers it is trying to serve.

Google Dashboard is meant to change this by putting consumer data back in the hands of consumers. It's a move that follows on Google's earlier pledge to "open data" and its Data Liberation Front.

Yes, but will he give me better search?

(Credit: U.S. Army)

As CNET reports, Dashboard lets people review the personal data Google has stored for them, delete it, and alter future collection policies. It's a great way for Google to mollify concerned users, putting control back in their hands.

Still, it's almost certainly never going to be used by the vast majority of Google users. Ever.

Why? Because for all our hand-wringing over privacy--and for good reason--the reality is that most of us, most of the time, really don't care. Or, rather, if accessing useful services or getting work done more efficiently requires some privacy concessions, we gladly concede.

It's not that we don't value our privacy. It's just that in many contexts, we value other things as much or more. We weigh the risks versus the benefits, and often the benefits trump the privacy risks.

It's the same thing with file formats. For years we've been agonizing over Microsoft's lock-in of customers through proprietary file formats (.pst, .doc, etc.). Now Microsoft is opening up the specifications for file formats like .pst (Outlook file format), and yet it will almost certainly change little to nothing in what products most people use most of the time.

People don't use Microsoft Office because they're forced to. They do so because it's convenient. (Yes, an argument can be made that it's convenient because Microsoft has forced network effects through lock-in.)

This, incidentally, is exactly the reason that Wednesday night I declared a ban on Microsoft Office in our family in favor of Google Docs--and didn't opt for OpenOffice (which we also use). I got sick of having to recover documents and perform other IT tasks related to a locally installed office suite, open source or proprietary. And I find it easier to let Google handle the back-end IT operations.

I wasn't trying to evade lock-in. I was trying to increase personal happiness.

Am I concerned about Google snooping on the documents we write and store in Google Docs? Let's just say I worry more about my time fixing Office than whether Google gleans any information from my 12-year-old's seventh-grade essay.

Dashboard leaves Google in the prime position of being able to honestly say that it doesn't control user data, while still delivering increasingly beneficial services based on that data. It will not change the way that the vast majority of consumers use Google, but it just might change the way they think about Google.

A very smart move by Google, one that all data-driven businesses should emulate.


Follow me on Twitter @mjasay.

Originally posted at The Open Road
Matt Asay brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. Matt is vice president of business development at Alfresco, a company that develops open-source software for content management. He is a member of the CNET Blog Network and is not an employee of CNET. Disclosure. You can follow Matt on Twitter @mjasay.
October 13, 2009 2:26 PM PDT

Google's Postini suffers prolonged e-mail delays

by Tom Krazit
  • 13 comments

As of 2:15 p.m. Tuesday e-mail delivery had started to return to normal for some Postini customers, although problems remained.

(Credit: Screenshot by Tom Krazit/CNET)

Some customers of Google's Postini e-mail security product experienced significant problems Tuesday, with reports of hours-long delays in e-mail delivery that are still affecting some customers.

Threads about the issue spread throughout Google's Postini forums. The problem seemed to begin overnight on System 7--one of several systems used by the service--and was still affecting some customers as of Tuesday afternoon, although e-mail delivery had resumed for others. Users also reported problems accessing the management consoles used to log into the Postini service, preventing them from understanding exactly what was happening.

Postini, acquired by Google in 2007, offers e-mail security services to businesses. Postini scans all e-mails directed to the networks of its customers for viruses, malware, and spam, passing along the genuine messages to the network once they have been cleared. However, Tuesday it appeared that for a significant portion of the morning, all messages for customers using System 7 were blocked before they reached their destination, and customers could not log into their accounts to see what was going wrong.

A Google representative acknowledged the e-mail delivery delays in a statement. "We're aware of an issue that's causing a delay in mail delivery for some Postini customers in the US, and are working to fix it as quickly as possible. We know how important mail is to our users, so we take issues like this very seriously, and apologize for the inconvenience. We encourage anyone having technical difficulty to visit the Postini support portal at https://www.postini.com/support/support_login.php."

It has not been a good week for the cloud. Hosted applications and services such as Postini were sure to get a second look following the debacle at Microsoft involving the Sidekick and possible data loss.

It's also another example of Google's growing pains with customer support. Google Checkout customers reported significant issues for over a month without any resolution, and angry e-mail administrators on Postini's message boards complained that Google support personnel were very difficult to reach during Tuesday's issues.

Google support technicians promised some Postini customers--who pay between $12 per user per year and $25 per user per year--that their e-mails were not lost, which is at least some good news for customers affected by the problems. But running a business without e-mail in the 21st century is a very difficult thing to do.

Originally posted at Relevant Results
October 6, 2009 6:54 AM PDT

Gmail also hit by e-mail phishing scheme

by Don Reisinger
  • 23 comments

Hotmail users aren't the only ones who've been hit by a phishing scheme over the past week. Google told BBC News on Tuesday that Gmail users have also been affected by the hackers who posted passwords online.

The problem is far more widespread than was disclosed on Monday, possibly affecting Yahoo and AOL e-mail accounts as well, according to BBC News.

Google described the issue as an "industrywide phishing scheme." BBC News said it has seen two lists posted online with "more than 30,000 names and passwords" from Gmail, Yahoo, AOL, Microsoft's Windows Live Hotmail, and other service providers.

"We recently became aware of an industrywide phishing scheme through which hackers gained user credentials for Web-based mail accounts including Gmail accounts," a Google representative told me in an e-mail.

The representative said that Google immediately "forced password resets on the affected accounts."

In an e-mail to CNET, a Google representative said that the company had to reset the passwords on fewer than 500 Gmail accounts so far. However, that figure could change.

Despite Google's and Microsoft's awareness of the problem, it doesn't seem that users are out of the woods just yet. Google's representative told CNET that it will continue to force password resets on any newly affected user accounts.

Like Microsoft, Google was quick to point out to the BBC that the phishing scheme was a "scam to get users to give away their personal information to hackers" and not an internal security issue. It didn't say how users fell victim to the scheme.

Google's admission that Gmail users were affected by the phishing scheme comes on the heels of Microsoft acknowledging that over 10,000 Live Hotmail accounts were compromised by the scam. The passwords apparently first hit the Internet on October 1.

Updated at 9:10 a.m. PDT to include Google's comments.

Originally posted at Webware

Don Reisinger is a technology columnist who has written about everything from HDTVs to computers to Flowbee Haircut Systems. Don is a member of the CNET Blog Network, and posts at The Digital Home. He is not an employee of CNET. Disclosure.

September 29, 2009 3:01 PM PDT

Misfired e-mail was never viewed by Gmail user

by Elinor Mills
  • 65 comments

A sensitive e-mail mistakenly sent by a bank to a Gmail address that prompted a court to order Google to deactivate the account was not viewed by the recipient and has been deleted, the bank said on Tuesday.

The e-mail, sent by an employee of Jackson, Wyo.-based Rocky Mountain Bank on August 12, contained names, addresses, Social Security numbers, and loan information of more than 1,300 bank customers.

The bank sent another e-mail asking that the data be destroyed and went to court to get Google to intervene on its behalf. Last week, a judge in U.S. District Court in San Jose, Calif., ordered Google to deactivate the Gmail account and Google complied. Google and the bank quickly resolved the matter and the court granted their motion to dismiss the case and allowed Google to reactivate the Gmail account.

"Rocky Mountain Bank, working with Google (through court order), confirmed on Thursday of last week that the e-mail containing client information was never opened and has now been permanently destroyed by Google's system," Tina Martinez, general counsel for Rocky Mountain Capital, wrote in an e-mail response to questions.

"As a result, no customer data of any sort has been viewed or used by any inappropriate user during this data lapse," Martinez wrote. "Rocky Mountain Bank acted to protect its customer's confidential information. That objective was accomplished. The matter is now closed and the TRO (temporary restraining order) entered on September 23, 2009 is now vacated."

Asked for comment, a Google spokesman said: "To protect the privacy of our users, we do not comment on their use of Google services."

The case poses some interesting questions. For instance, should the person who registered the e-mail address lose access to the account or have items deleted without his or her permission, particularly through no fault of their own?

And what recourse would the bank have if the data had been sent via regular mail to the wrong address? The U.S. Postal Office certainly doesn't have the ability to see the envelope sitting on the recipient's desk and vaporize it.

Update 4:35 p.m. PDT: The bank did not take any action against the worker who sent the e-mail, the bank's lawyer said.

Originally posted at InSecurity Complex
September 29, 2009 7:51 AM PDT

Mozilla VP: Chrome Frame is the wrong answer

by Stephen Shankland
  • 43 comments

Mozilla and Microsoft don't always see eye to eye when it comes to browser technology, but they agree broadly on one thing: thumbs down for Google Chrome Frame.

Chrome Frame is a plug-in that puts Google's browser engine under the hood of Microsoft's Internet Explorer, and Google argues that it can modernize IE versions 6, 7, and 8 with faster page loading and JavaScript performance. It kicks in only on Web pages that Web developers have labeled with a specific tag. After Google announced it, Microsoft criticized it as creating a potentially increased risk to browsing security.

Google Wave is one site that suggests IE users install Google Chrome Frame.


(Credit: Google)

Mike Shaver, vice president of engineering for Firefox backer Mozilla, published a different concern in a blog post Monday night.

"I certainly share that longing for a Web in which the vast majority of Web users enjoy the performance and capabilities we see in Chrome, Safari, Firefox, and Opera. Unfortunately, I don't think that Chrome Frame gets us closer to that Web," Shaver said.

Specifically, Shaver said Chrome Frame can disable IE features and muddle users' understanding of Web security matters. And users of the reviled IE 6 browser, he added, often won't be able to run Chrome Frame anyway because their computer is locked down to prohibit changes or lacks sufficient power in the first place.

"As a side effect, the user's understanding of the Web's security model and the behavior of their browser is seriously hindered by delegating the choice of software to the developers of individual sites they visit. It is a problem that we have seen repeatedly with other stack plug-ins like Flash, Silverlight and Java, and not one that I think we need to see replayed again under the banner of HTML5," he said.

Shaver's advice is to rely on that ages-old technique: an upgrade suggestion on the Web site.

"It would be better for the Web if developers who want to use the Chrome Frame snippet simply told users that their site worked better in Chrome and instructed them on how to install it," Shaver said. "The user would be educated about the benefits of an alternate browser, would understand better the choice they were making, and the kudos for Chrome's performance would accrue to Google rather than to Microsoft."

Originally posted at Deep Tech
September 28, 2009 3:07 PM PDT

Google, bank resolve issue over misfired e-mail

by Elinor Mills
  • 32 comments

A bank that accidentally sent sensitive customer information to a Gmail address and persuaded a judge to order Google to deactivate the account has resolved the issue with Google and the companies have filed a motion to dismiss the case.

Google spokesman Andrew Pederson declined to say exactly how the issue was resolved or to identify the owner of the Gmail account.

The problem began August 12 when a worker at Rocky Mountain Bank inadvertently sent an e-mail containing names, addresses, Social Security numbers, and loan information of more than 1,300 customers to a random Gmail address. When the worker realized the mistake, a subsequent e-mail was sent to the address asking that the recipient contact the bank and destroy the data, but the bank heard no word, according to a MediaPost report.

The bank asked Google for information on the owner of the Gmail address, but Google said the bank had to get a court order to get access to that information. Last week, a judge in the U.S. District Court in San Jose, Calif., ordered Google to deactivate the Gmail account and Google complied, Pederson said.

"After notifying the account owner, we complied with the court's order. However, after working with Rocky Mountain Bank and the court, we resolved the issue around the bank's error, and both sides have agreed to vacate the TRO and dismiss the case," he said.

"While we regret that the user has been locked out of their account through no fault of their own, we're not legally able to reactivate the account until the court approves our motion to dismiss the case and vacate the TRO," Pederson added. "We're hopeful that the court will act quickly, and as soon as the motion is approved, we'll reactivate the account."

Calls to Rocky Mountain Bank and the court clerk were not immediately returned on Monday.

Update, September 29, 9:35 a.m. PDT: Google spokesman Pederson said the court granted the motion to dismiss the case on Monday, allowing the company to re-activate the Gmail account.

Originally posted at InSecurity Complex
September 18, 2009 3:01 PM PDT

Google Apps bug: You've got (my) mail

by Elinor Mills
  • 23 comments

As a result of a bug in a Google Apps e-mail migration tool, some students at Brown University found other students' e-mail in their in-box over the weekend as Google was moving their e-mail from Exchange to Gmail, Google confirmed on Friday.

The problem affected a "handful" of organizations that use Google Apps, a spokesman said. He declined to specify how many were affected or how many individual users were affected.

Brown University newspaper the Brown Daily Herald reported that e-mail for 22 students was misdirected starting on Friday, that the university notified Google about it on Saturday, and it was fixed on Tuesday.

However, the Google spokesman said the company found out about the problem on Monday, disabled the affected accounts within hours, and then restored the accounts within a day.

"A very small number of Google Apps domains using the IMAP migration tool last weekend encountered a bug that caused a handful of their users' mail to be migrated to the wrong accounts," the spokesman said in a statement. "We quickly identified and fixed the issue, which affected less than 0.002% of users, and worked with the organizations to restore the affected accounts to their original state. We have extensive safeguards in place to ensure that users' mail is safe, and we're confident this was an isolated incident."

Donald Tom, director of IT support services at the school, complained to the newspaper that the school was not notified before the affected e-mail accounts were suspended. However, he did praise Google for moving swiftly to fix the problem.

Asked to respond to that criticism, the Google spokesman said: "In this case we made the judgment call that the safest and most expedient course of action for the affected users was to suspend affected accounts as soon as possible. In our conversations with our customers, they've appreciated our prompt actions and have been satisfied with the outcome."

Originally posted at InSecurity Complex
August 25, 2009 11:40 AM PDT

Google patches severe Chrome vulnerabilities

by Stephen Shankland
  • 40 comments

Google has fixed two high-severity vulnerabilities in the stable version of its Chrome browser that could have let an attacker remotely take over a person's computer.

With one attack on Google's V8 JavaScript engine, malicious JavaScript on a Web site could let an attacker gain access to sensitive data or run arbitrary code on the computer within a Chrome protected area called the sandbox, Google said in a blog post Tuesday. With the other, a page with XML-encoded information could cause a browser tab crash that could let an attacker run arbitrary code within the sandbox.

Chrome 2.0.172.43 (click to download for Windows) fixes the issues and another medium-severity issue. Once Chrome is installed, it retrieves updates automatically and applies them when people restart the browser.

Google won't release details of the vulnerabilities until "a majority of users are up to date with the fix," Engineering Program Manager Jonathan Conradt said in the blog post.

Originally posted at Deep Tech
August 20, 2009 12:22 PM PDT

Los Angeles gets its Google Apps groove

by Elinor Mills
  • 20 comments

On August 11, Randi Levin, the chief information officer of the city of Los Angeles, stood before City Council members at a hearing of the information technology committee and made her case for why the nation's second-largest city should adopt Google Apps.

"The ability to get whatever information the city needs, whenever they need it, on whatever device they need it on will fundamentally change the way the city works and enhance productivity greatly," she said. "In a fiscal crisis it is difficult to find technology solutions that will save money without requiring a significant capital outlay to achieve those objectives."

Security concerns have kept many government agencies and large corporations away from Google Apps. That is starting to change. A number of small U.S. cities are using the suite and there are Google Apps pilots in more than a dozen federal agencies. If Los Angeles signs on, it would join the District of Columbia as one of the largest government adoptions.

Randi Levin, chief information officer of the city of Los Angeles and a key player in the city's move to adopt Google Apps.

(Credit: City of Los Angeles)

Security experts and officials in other state and federal government departments tend to be wary about outsourcing the management and storage of highly sensitive data to an outside company.

Even in Los Angeles some persuasion was needed. Tony Cardenas, a councilman and chair of the IT committee, and a police official last month said they were worried that sensitive police investigations could be compromised if data were exposed somehow under Google's control. "Drug cartels would pay any sum of money to be aware of our progress on investigations," Cardenas told the Associated Press.

The concerns came to light after the poor e-mail practices of an employee at Twitter and an easy password reset mechanism at Yahoo gave a hacker access to sensitive Twitter documents stored on Google Apps.

While that breach had nothing to do with the level of security of Google Apps, it prompted renewed scrutiny of the cloud computing service. It's unclear exactly what effect the exposure of financial and business plan data will have on Twitter. But the specter of confidential police records being hosted by a search company has some people concerned, particularly with a service that is just 3 years old and that added enterprise-level security enhancements 18 months ago.

Google Apps creates "a value proposition. No doubt about it," Mike Hamilton, chief information security officer of the city of Seattle, said in a phone interview after the LA proposal to adopt Google Apps made the news. Seattle uses the e-mail security outsourcing service Google offers through its Postini Message Security, and Hamilton said he is pleased with that service.

"My personal opinion is there's still some shaking out to do around this," he said. "Some bad things are going to happen before all this gets worked out and we don't want to be an early adopter."

During a chief security officer panel at the Black Hat security conference in Las Vegas last month, a group of CSOs from several corporations and one government agency said Google Apps was on their radar, but they didn't seem too eager to embrace it just yet.

"We are looking at those apps and have a number of pilots underway," said Bob Lentz, CSO for the U.S. Department of Defense. "There are a number of security requirements that have to be addressed."

LA concerns assuaged
The sentiment over the past month among LA officials about Google Apps has turned from righteous skepticism to cautious acceptance of the contract, under which systems integrator Computer Sciences Corp. will help the city deploy the Google technology. Cardenas hardly mentioned security during the August 11 committee meeting.

In what appeared to be mere preaching to the choir, Levin made some strong points in favor of the five-year, $2 million contract in her final comments before the committee.

"We own the data, not Google," she said, kicking off a list of key points. "Their security is better than ours," she added. And "cloud computing is safe."

Also, city employees would be using the version of Gmail that is designed for corporate and government customers, not the free consumer product, and they will benefit from electronic discovery, archiving, and disaster recovery functions that they don't have access to today, she said.

Meanwhile, Microsoft Office will remain on all desktop PCs that have it and future purchases will be evaluated for necessity, she added.

Officials from the police department and city attorney's office told the committee that their concerns were being resolved in negotiations with Google. The committee promptly approved the Google Apps adoption proposal, given certain caveats on Google customization for those departments and a later rollout for the police department. The proposal now goes to the budget and finance committee and then the full City Council for a vote in early September.

Specifically, 17,000 of the 30,000 total LA city workers would be migrating to Google Apps if the plan gets approved. The 13,000 workers in the police department and the city attorney's office would initially only use Gmail (instead of Groupwise) and not the other Google Apps, officials said.

In order to meet security requirements from the California Department of Justice (which is within the Attorney General's office), Google needs to either provide some additional level of background checks for people able to access the data or provide an encrypt option and allow city officials to hold the key, according to city officials.

Google also needs to add other functions to the e-mail service, such as auto-acknowledgment of receipt, Tim Riley, chief information officer for the LA Police Department, said in an interview.

"We deliver 400,000 electronic subpoenas to our employees every year and there are requirements for the e-mail," he said. "When an officer opens his e-mail, there has to be acknowledgment back to the server that shows he opened it and was (officially) served."

Google has committed to resolving the issues, Riley said.

"Their security is better than ours...cloud computing is safe."
--Randi Levin, chief information officer, city of Los Angeles

As for productivity applications, the police department is in year three of a five-year contract with Microsoft for Office that covers about 8,500 PCs, Riley said.

"We have a number of Microsoft databases that are not currently accessible from Google Apps," he said. "That's not to say that down the line we wouldn't" consider Google Apps.

The LA City Attorney's Office has similar security constraints to the police department, and in addition it is required by the courts to use either Word or WordPerfect to file documents, an official said during the hearing.

"People are comfortable with Microsoft Office and there are compatibility issues," Ted Jordan, a city attorney said in an interview.

Meanwhile, "we are still talking to Google about risk management issues, indemnification, limits of liability, data security and disclosure and loss," Jordan said.

For Levin, the cost-benefit analysis is a no-brainer. Google provides enhanced collaboration and remote access ability and more storage and would replace an "antiquated e-mail system" that needs to be replaced, Levin said in an interview.

Because the Google productivity apps are less robust than the Microsoft apps and there are compatibility problems for workers using the two different programs, power users who need the high-end functions of Microsoft applications will still be able to use them, she said.

LA city officials have said the contract is projected to save the city $13.8 million, according to Matt Glotzbach, product management director for Google Enterprise.

More precisely, if the city were to pay for all the capabilities it will get with Google that it currently doesn't have--including archiving, automated electronic discovery and video conferencing--the cost could run as high as $50 million, Kevin Crawford, the city's assistant general manager, said in an interview.

The Google contract would mean the city won't need to dedicate at least 16 servers to run its current system and it can deploy that same number of staff members who operate and maintain it to other areas, he said.

Rebates are unique
But there is an added financial incentive for the city to move to Google. The contract the city is drawing up with Google is written so that any public agency within the state of California can amend it and adopt it for its own use, Crawford said. If 100,000 users sign up, the city will get $1.2 million in rebates, he said.

Crawford told committee members that his office had heard from more than 20 state agencies that are interested in using Google Apps under the contract terms.

"This is unheard of in technology contracts," Levin said during the hearing.

"My personal opinion is there's still some shaking out to do around this...Some bad things are going to happen before all this gets worked out and we don't want to be an early adopter."
--Mike Hamilton, chief IS officer, city of Seattle

Meanwhile, all the authentication for the single sign-on system is designed to go through the city's authentication system before it hits Google, Crawford said.

As far as concerns about reliability, the city's current in-house system was down about 300 times more than Google was in the last 12 months, he said.

"Google Apps has much higher reliability than on-premise systems tend to have," said Glotzbach, adding that the company promises paying customers uptime of greater than 99.9 percent. "We make redundant copies, multiple live copies, and other things most government agencies can't and don't do."

Outages with Google Apps in the past have been infrequent and short-lived and most did not affect paying customers, according to Google. But, still, they have happened and they make headlines.

Last month there was a four-hour outage in the Google App Engine application hosting infrastructure service. In February, business customers were affected by a 2.5-hour Gmail outage. A Google Docs outage hit them in July 2008, while a Google Apps outage affected some Gmail users in March. Google Docs, meanwhile, had a privacy glitch in March that Google said led to "inadvertent sharing" for a small fraction of documents.

Security concerns weren't enough to keep executives from large corporations like Genentech, Motorola's handset division, Johnson Diversey, and Fairchild Semiconductor from jumping on board.

Blazing the trail for government agencies is the District of Columbia, where deployment of Google Apps was completed in July 2008. The project was driven by DC Chief Technology Officer Vivek Kundra, who has since left to become chief information officer for the federal government, where next year's budget includes funding for cloud computing initiatives.

The District of Columbia paid $479,560 for the Enterprise Google Apps license and is leveraging Google Apps to create the city's intranet at a cost of $500,000, according to a city spokeswoman. As a result, DC saved $3.5 million by replacing an earlier plan to pay another company $4 million for the portal project, she said.

Google Apps is available to 38,000 DC city employees, 4,000 of whom are actively using it, she wrote in an e-mail response to questions. Gmail could potentially replace Microsoft Exchange there, "but this decision has not been made yet," she wrote.

"Our policy has been to put into Google Apps only information that could be transmitted via e-mail; at this time we are not placing sensitive data into Google Apps," the DC spokeswoman wrote. "The District mostly uses Google Apps collaboration tools (e.g. Google Docs, Sites, Video) which filled a void we had for Intranet collaboration tools."

Google is working with the governments to help them overcome their fears.

"Government, by definition, tends to be a little bit more conservative and generally with good reason," Glotzbach said. "But security experts in the city of LA have dug into it and found that in a number of ways the cloud can be more secure than existing in-house systems."

Security guru Bruce Schneier says that as far as cloud computing is concerned, resistance is futile in the long run.

"This is the future of computing and don't think for a minute that this isn't what people will be doing in a few years," he said in his question-and-answer session at the Defcon security conference late last month in Las Vegas.

"I think it's nutty to give up that much control," he said after mentioning Google Apps specifically. "The problem here is trust. They're going to go out of their way to secure their systems more than any user because their reputation is at stake."

Updated 4:52 p.m. PDT to add that Computer Sciences Corp. would be the systems integrator of the Google Apps technology for Los Angeles and that the proposal goes to the city's budget and finance committee before it goes to the full city council.

Originally posted at InSecurity Complex