by rayiner 4928 days ago
The "cloud" is a huge problem in the finance, legal, healthcare, and educational fields. Confidential client/patient/student data leaking out all over the place is a disaster waiting to happen, not to mention often outright illegal.

Let me give you an example: I recently bought a Livescribe Sky pen, the new one with Wifi. It automatically syncs with Evernote, and works like a charm. But I can't use it for its purpose, taking notes at work, because I can't have attorney work product for a client floating around on Evernote's cloud. That's just a no-go. My father-in-law encountered a similar problem. He's an IT director at a school district, and he has been trying to get teachers/staff to stop sending student information through GMail/Google Docs. It's almost certainly a violation of student privacy laws to expose that information to third parties without student consent.

I think there is some disruption to be had in this space. People want to use their iPads/tablets/etc and other cloud-reliant devices in their workflow, but at the same time that information has to be stored in a way that adheres to security protocols and privacy policies. Google could offer a "local Google Drive" service where a company could let its employees use Google Docs, but have that data stored in the company's internal network, with assurances that Google can't troll through the information to target ads or any similar privacy-breaching and potentially illegal activity.


I don't think Google would be too interested in providing that service, but I don't see why someone else couldn't do it. At some level though, a Google Docs that's restricted to the office or campus is strictly less useful than old-fashioned docs on your laptop's hard drive, edited by normal GUI editors. Would any user want to use that service?

In general, I think you have to start mistrusting employees more, though. If an employee can't be trusted not to attach rightfully-secret data to email without heroic IT efforts to prevent that scenario, maybe that employee can't be entrusted with the data, period. The old "firewall" method of implicitly trusting everyone on staff with pretty much everything is quite inappropriate for most business situations.

It doesn't have to be restricted geographically; iDevices support VPN just fine, after all.

And I think there is a disconnect between what users can be trusted to do in person, and what they can be trusted to do with computers. I don't think most users have a good mental model of how the cloud works, how it exposes data to third parties, etc. I imagine most people don't even realize that Google reads your e-mails and documents.

Just to clarify: are you more concerned about the Googlebot reading your documents to sell you consumer products than you are about employees attaching business or customer data to email or shared docs?

Because I'm operating with a much different threat model. Email is not and never has been secure. It is sent in plaintext unsecured from one unauthenticated mail server to the next. The moment the user attaches data to an email the game is over and we have lost. Sensitive data must be kept in systems that are designed to store sensitive data, and which do not have a "forward to my gmail account" feature. That's how IT can be relevant: provide that system. You might prompt the business to reclassify some formerly sensitive data as rubbish they're allowed to play with, but then their fingerprints will be all over the corpse.

Uploading patient/client data to the cloud where a Google bot can read it is a breach of that patient/student's privacy. Blackberry email and the like can make email within the organization secure, and most teachers/doctors have the sense not to email sensitive documents to people outside the organization. However, most don't realize that emailing something to your gmail or uploading it to google docs is a problem. The mental model is still "this is private" even though Google is reading every word.

Maybe you've been subjected to more complete DLP systems than I have, but email "within the organization" is not and never will be "secure".

Every time I've seen customer demographic data emailed (although admittedly this hasn't been in the medical field), both the sender and the receiver have been employees (including myself) who weren't entitled to see that data. Organizations need to find more appropriate ways to collaborate, which don't needlessly expand the pool of people with access to sensitive data.

You seem to trust a pool of 100 people, even if they have acronyms following their names, more than you trust a search engine, to not share data in legally negligent ways. That seems ill-advised to me. If the Googlebot were generating lawsuits for breach of privacy we would have heard about them.

I don't think this sensitive customer data should be in Gmail, because I don't think it should be in any email system period.

Evernote, Dropbox, Google Docs. All have TOS and things like Apps can have contracts. Apps has a DoD clearance.

There is a legal distinction between subcontracting out services and sharing data. One that is no different from paying for a service contract that allows a vendor to log in and fix your db.

There are very few situations where EVERYTHING must be internal.

Google Apps is big in education, so "sharing" data under contract must be legal.