Google's Google Docs service is an easy -- and popular -- way for businesses to create, collaborate and provide access to documents, both internally and with sub-contractors, suppliers, customers and other non-employees. But this also means that it's dangerously easy for employees to leave documents exposed -- accessible -- to the wrong parties, or to lose track when, say, somebody leaves a company but still retains access.
As with all security concerns, the corollary is, where companies cannot satisfy compliance and other regulatory requirements, they can't allow employees to use tools that could improve productivity and speed.
Even if exposed data is not copied or misused, industry or government regulations can result in significant fines simply because of the exposure. And data not subject to these regulations and fines might contain information of value to a competitor or other party.
"It's easy to share information on Google Docs, but it's been hard for IT to manage and secure it, especially when sharing access with partners," says Gil Zimmerman, CEO of Aprigo -- or even, Zimmerman notes, to ensure that documents aren't exposed to the wrong people within the same company.
"Google Docs' Share button lets your employees disable this access, for example, when somebody leaves a supplier... but they rarely know or remember to do this," says Zimmerman. "And Google Docs' own administrative capabilities don't give your IT any way to determine who inside or outside the company has access to which documents -- what documents are exposed."
Aprigo NINJA, a SaaS-based tool released in May, provides IT governance for structured files on the company network. Aprigo's new SaaS-based Aprigo NINJA for Google Docs lets IT provide governance -- control -- for documents and other unstructured data in the company's Google Apps domain -- view and manage the rights the define how documents are shared, within and outside the company, without exposing the content to IT staff in the process.
For example, Aprigo NINJA for Google Docs lets IT generate lists of the company's documents, including, and categorized by, document name, owner, the number of collaborators, and document permission settings.
The security benefit of using Aprigo NINJA for Google Docs, according to Zimmerman, is it "ensures that the right people have access to the right data at the right time and nobody else, so the business can function without information being exposed."
Aprigo NINJA for Google Docs can be applied to a company's existing Google Docs account, and can be used with any type of document created in or uploaded to Google Docs.
As a SaaS offering, Aprigo NINJA for Google Docs does not require any additional hardware or software, making it -- like Google Docs itself, and other SaaS services -- ideal for small-to-midsized businesses, where IT resources are a scarce commodity.
Noemi Greyzdorf, Research Manager, IDC, says, "As people collaborate, they tend to create content in the cloud, where it's outside the IT's or the organization's purview. Because Aprigo NINJA for Google Docs is a service, it allows SMBs to gain some visibility and control over the information they have in Google Docs without having to add to their IT infrastructure, expertise or time commitments, or having to expend capitol to deploy something like this."
Aprigo NINJA for Google Docs is available via the Google Docs marketplace. The cost is $10 per user per year, with volume, educational, non-profit and other discounts available. (Aprigo offers a free seven-day trial.)