[bane]

The real question is, as IT professionals, why would there be more use than expected? Would you expect the premier free cloud competitor to Office to be heavily used?

It's as misguided as most of the IT departments I've had to deal with blocking browsers other than IE because they are "insecure". No the other browser are not insecure, they just haven't bothered getting up to speed on the security profile of those browsers and confuse getting regular security bulletins about IE to be the same as being "secure".

[pwthornton]

Yes, they should have known better. Google Docs is used a lot at universities because of its collaborative abilities. If you need to work with several people putting a report together, Google Docs is a great way to get started. We often eventually take it out of Docs into a desktop program to finish it off, but Google Docs is one of the best ways to collaborate.

How the IT department didn't know what its students, faculty and staff were doing is kind of hard to believe. For students and teachers in particular, Google Docs is a big deal. It's not just because it's a cloud version of Office, but rather that it has things that Office can't do that are especially important in a university setting.

[jacques_chester]

> Yes, they should have known better.

As they point out, connections to Google Docs are encrypted. There's no way for them to tell what is and isn't legitimate traffic.

[pwthornton]

There are multiple ways to know what your users are doing, and there is more than just monitoring traffic. They can do surveys and qualitative studies, and they would have then known how widely used Google Docs was.

Lack of knowledge is not an excuse.

[TeMPOraL]

A good thing would be for them to adopt the policy that "even though I don't use a particular program / website, it doesn't mean it is not used, or not important". I've seen some ridiculous examples of hubris of university sysadmins causing pain for everyone else.

[jpnp]

Perhaps you should consider that phrase code for "more use by important management types than expected" rather than mere students and lowly faculty.

[etherealG]

funny, each security bulletin implies something was wrong with security before the bulletin. so regulars implies less security not more, the exact opposite of their thought process.

[tshile]

that's only if you believe that not having security bulletins implies there are no problems.