Thursday, April 26, 2012

Google Drive: Cost, Security and Other Issues

Earlier this week, Google released its much anticipated release of Google Drive (even the official blog referred to it as the "Lochness monster"; due to the fact that Google was supposed to release this years ago). For those interested in how Google Drive stacks up against other cloud based storage services, see Dana Wollman's post on Engadget. Included in her post is a side-by-side comparison of Google's offering against  Dropbox, Microsoft SkyDrive and iCloud. In terms of security issues, this CIO article points out that it will be hard for system administrators to block Google Drive because it will be hard to distinguish from the other Google services (e.g. Gmail, youtube, etc), which many organizations allow users to access. 

As with any other cloud service, users need to be aware of the terms of service (ToS or "click wrap" agreement) which bind the users to all sorts of conditions (this ZDNet article gives a good analysis of how Google is imitating DropBox a little too much). This article claims that users concern that content shared would be owned by Google "are probably unfounded". Their evidence: Google's ToS are the same as Microsoft's ToS for their cloud drive offering. However, the following ZDNet article extracted the ownership clauses and it seems that Microsoft is much clearer in stating that the content belongs to the user and not Microsoft (but you can see it for yourself and decide). 

Although Google may capitulate to public pressure and alter the terms of service, the incident highlights one of the key trade offs with the cloud: convenience of the cloud comes at the cost of control. For example, most, if not all, cloud service providers (CSP) will hand over data to law enforcement - without the consent of the data owner. However, if the same law enforcement agencies wanted the data hosted at your business or house; they would have to obtain your consent first - because you are in control and not the CSP. 

Beyond the privacy issues, if CSPs are free to write their own terms of service customers, especially the small and medium sized businesses (SMBs), will be at the mercy of these large players who have an army of lawyers at their disposal to write the ToS in a way to protect the CSP - leaving the SMBs vulnerable. That's until there's some cataclysmic breakdown in the cloud forcing the regulators to act in a way to protect users from such agreements, similar to what we saw with SOX or even the birth of the SEC itself after the depression.

No comments: