Justus For All

OK, so I tried to leave a long comment last night and lost it somehow. Here’s the sort of executive summary of my thoughts.

While you’re undoubtedly right that the Google people are likely to be more technically competent and have better equipment for data security than a small business, there are some offsetting things that you may be missing. A small business that depends on securing its data (ie, one with internal memos that describe proprietary technology) not only needs to know that the people who work on said data are technically competent; it also needs to know that they’re both trustworthy and committed.

If you run a small busines with improtant secrets, it’s got to be scary to know that somewhere in Mountain View there’s a half dozen people you’ve never met who can sudo into your account and look at whatever they want. Furthermore, it’s got to be scary to know that your data is being handled by employees of a market giant that will suffer, at worst, some public embarassment from a data loss that will kill your company.

In other words, when it comes to making judgements about where best to secure your data, legitimate worries about malfeasance and/or apathy on the part of the Google people may be more than enough to offset their presumed higher technical competence. I’m sort of in this situation myself (although my “business” is a very strange one whose “customers” are scientific funding agencies) and would rather secure my sensitive data myself — even though I know that I’m less technically competent to do so than any number of outsiders might be.

Whatever happened to the reliable old “off-site backup”.

We use DDS4 and DS72 tapes to back up our servers. The tapes run overnight and are collected next day and held by by a security company. Costs NZD300 per month.

Use Google for back-up? With MS software? Politely, the only word that fits is “NO”.

I think that this is the start of the real “information age”. When I was doing network consulting back in the early to mid 90’s we were all about ‘location independence’ - allowing users to access their stuff no matter where they were.

I think that Google Apps is a very good step in that direction. The only thing that they need to add is a client side cache for when you are offline.

As far as SME’s - I think that it’s a no-brainer. $50 per seat per year for a word and excel clone, a calendar app and integrated email? And it will run anywhere you can get firefox? The SBS offering from MS is a disaster, IMHO. They try and cram to many services into one box. Novell is not even a player anymore, and there is no good SME aimed offering in the Linux camp yet.

As far as I have seen, Google will not sell you the ability to run this on your boxes. Oh well. I am sure that if you have enough seats, you can hit google up with service level contracts and everything else. I for one herald the coming of our new lords and get all googly about it.

The mindset of thinking something is “secure” because it is behind your firewall or “insecure” because it is not is quickly dying. Brian - you think _docs_ are something to worry about? How about all the customers of Salesforce.com? They are putting by far _the_ most sensitive data a company has: sales pipelines, forecasts, and customer contact information.

In a globally connected world, our data is going to have to be globally distributed too. It is too efficient to use Salesforce.com or other Software-as-a-Service offerings these days. Just look at the CRM ticker symbol to see how SaaS adoption is being received.

Of course - I founded a product called “HostedQA” and just sold it to a SaaS company, so I guess I’m a bit biased