October 14, 2006
Leaks at Google
From TechCrunch "As we pointed out in a post earlier this week about the new Google Docs and Spreadsheets product, Google is going to focus on convincing small and medium sized businesses that their internal Office documents will be secure on Google’s servers. Google needs to control its own leaks if they hope to do this - this is the second major Platypus leak this year." Everything has to be secure we all understand that. I think though that by lumping the security of an SME information with the leak of information about a feature/projects we are comparing apples and oranges. The security of applications "à la google" I believe is more controllable. Although it's impossible to have a fully secure applications, the lines of defense that will fend off the vast majority of attacks, Google/Yahoo/MS very well know what to do. One would think that it would be easier to avoid leaks of features - but this is where I think we're wrong - the lines of defenses against leaks are not as well known - employees chatting in a restaurant, postings on blogs, temporary servers etc.. are only a few of the sources, the main characteristic common to all is their spontaneousness, and processes do not jive well with spontaneity. The more people know about a secret the harder it is to keep; Once the secret is out making sure the once secretive object is secure is something an organization has planned and executed.