Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
November 5, 2010
3 Min Read
If government IT leaders have concluded they need dedicated data center infrastructure, and Google can't provide that, isn't Google knocking itself out of competition? The hook Google points to in this case is that the department, according to the lawsuit, said Microsoft's the only vendor that can meet its needs, including for security.
That's where a proposed new cloud-app security process could give Google a big boost, in competing for both government and business contracts. The U.S. government is proposing a new process, called FedRAMP, to certify whether cloud-based apps meet federal security requirements. As my colleague J. Nicholas Hoover writes: If implemented, FedRAMP will develop common security requirements for specific types of systems, provide ongoing risk assessments and continuous monitoring, and carry out government-wide security authorizations that will be posted on a public Web site. Agencies would also be able to see what security controls have been implemented in different products and services. This way, complicated certification and accreditation processes would only need to be carried out once per cloud service, and agencies could leverage shared security management services. Google has a strong security reputation. But this kind of certification would give it an official seal, one that suggests it's executing on the specific security needs of enterprise IT. It's only a start, since agencies can and must still consider a range of risk factors beyond the apps' capabilities. But it would help make sure security doesn't get the door slammed in Google's face. If Google can get certified, an IT leader in business or government who's tempted to write off Google for security concerns would have to answer "Why's it good enough for the U.S. army, or the IRS?" Security's only table stakes, though, and in fact we'll see security becomes less and less of a barrier to companies choosing online e-mail and collaboration. Microsoft CEO Steve Ballmer says every single CIO he talks with is discussing online e-mail. Certifications like the FedRAMP will accelerate that discussion. But security is falling as a concern already. Our most recent InformationWeek Analytics research, just out of the field, shows 31% of companies who aren't using SaaS cite security, down eight points from a year ago. No, the battle will increasingly shape up over features, prices, and flexibility, not security. Microsoft's the team to beat, with its powerful suite that includes Exchange and SharePoint, and now promises to bring in Office in a meaningful way, for the first time. But Google will get its shots, even without the lawsuits and hair pulling. Recommended Reading: Google's Not REALLY Excited About Enterprise Apps Global CIO: Microsoft, Google Vie Over Real Time Collaboration Microsoft's Cloud Plan: What's In It For You? Global CIO: Google, At Last, Goes For Microsoft's Throat Global CIO: 5 Points To Make When Your CEO Cries Cloud Global CIO: Steve Ballmer Interview: 'Hockey Stick' Cloud Growth Ahead Global CIO: When The Cloud Doesn't Win Global CIO: 7 Tips For Using The iPad In Business
About the Author(s)
Chris Murphy is editor of InformationWeek and co-chair of the InformationWeek Conference. He has been covering technology leadership and CIO strategy issues for InformationWeek since 1999. Before that, he was editor of the Budapest Business Journal, a business newspaper in Hungary; and a daily newspaper reporter in Michigan, where he covered everything from crime to the car industry. Murphy studied economics and journalism at Michigan State University, has an M.B.A. from the University of Virginia, and has passed the Chartered Financial Analyst (CFA) exams.
You May Also Like