Echoing the concerns raised by the World Privacy Forum about the City of Los Angeles' proposed plan to start using Google Apps for messaging and collaboration, a group representing the city's police officers wants to make sure sufficient safeguards are in place to protect confidential information before the multi-million dollar contract gets approved.
The LAPD Protective League said on Thursday that it is very concerned about having its records stored on computers outside the city.
"Our concerns are well-founded and understandable, given that government and corporate computer network breaches have become more prevalent over the past several years," said Sgt. Paul M. Weber, president of the League, in a blog post. "Just recently, Twitter acknowledged that hackers were able to access confidential information stored with Google."
Google's systems were not hacked in that incident, however. The hacker obtained the password of a Twitter employee by abusing the password recovery process at a different online service. Because the Twitter employee used that same password for Google Apps, the hacker was able to use that password to log into the Twitter employee's Google Apps account.
If the employee had used different passwords for different services, or if Twitter had used two-factor authentication, as it now does, the hacker would not have gained access to Google Apps.
The $7.25 million contract under consideration in Los Angeles is expected to cost $8.31 million over five years and to save the city $6.25 million over the same period in license fees. Such fees presently go to Microsoft and Novell, the city's current providers of productivity software and e-mail.
Those figures assume that 30,000 workers will transition to Google Apps. If the LAPD opts out, only about 17,000 city employees would transition to Google Apps.
Google has been pushing hard to encourage businesses to switch to Google Apps. The company on Monday launched a billboard ad campaign to trumpet the benefits of "going Google."
Matt Glotzbach, director of product management for Google's enterprise group, says that any government agency or company moving to new systems should be careful and address security concerns. However, he notes that city officials believe Google Apps will be an improvement over existing computer security.
Indeed, Los Angeles' Information Technology Agency has said that the level of security for the city's data will be higher under the proposed contract than it is at present.
"There's a lot of misinformation out there and our competitors who did not get selected may have had a part in spreading this misinformation," Glotzbach said.
Glotzbach acknowledged the LAPD's legitimate security concerns but said the department's sensitive data is expected to remain in the many Microsoft Access databases that the department will continue to maintain. He said that the city's information policies won't change just because Google is providing e-mail and online applications.
"One of the big pieces of misinformation is that the LAPD is going to take all of their data and put in into Google and that's just not the case," he said.
Some 15 bids were submitted to Los Angeles to replace its e-mail system. Those not selected appear to be unhappy at the prospect of losing millions of dollars in business to Google. In a July 20 letter, Novell client executive Brian Hervey said that his company wants to continue providing e-mail service to the city and offered a 10% discount on the annual maintenance fee.
Glotzbach said that by moving to Google Apps, Los Angeles stands to save an estimated $13.8 million over five years and to free up six IT employees who'd otherwise be tending e-mail servers.
InformationWeek has published an in-depth report on leading-edge government IT -- and how the technology involved may end up inside your business. Download the report here (registration required).