SAC has always been controversial. The EFF (Electronic Frontier Foundation) urges consumers not to use this feature,...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
because it will "make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who've obtained a user's Google password." Research firm Gartner Inc. issued a recommendation that the Search Across Computers option should be disabled or heavily managed by enterprises.
Google's Enterprise Team agreed with Gartner's recommendation, and said enterprises should use the Google Desktop for Enterprise edition immediately and restrict its use accordingly. The Enterprise edition includes a Group Policy Administrative Template so that administrators can disable features such as the Search Across Computers. Administrators also have the ability to set time-based retention policies for different types of documents.
Security concerns about Google Desktop security surfaced in early 2007 when Web application company Watchfire Corp. found a series of vulnerabilities that could allow a hacker to gain remote access to sensitive data, and in some cases, gain full-system control. As a result of this serious flaw, Google changed some of the internal workings in version 5. Since then, no other security flaws have surfaced, but concerns over privacy have been ongoing.
As with most Google applications, the disclaimers that you implicitly agree to allow future changes in the license agreement. Could Google start scanning your files in order to serve targeted advertising? At the end of the day, using SAC means that your personal or business data is being stored on a third-party server, and you need to appreciate the risks this involves. If your Google account is ever compromised, any data that has been indexed may be readable by whoever accesses your account.
For many mobile workers working from different machines, being able to access files on multiple machines makes life a lot easier. SAC could also be a life saver if a laptop is stolen or a PC's hard drive fails. Google does have a good track record of protecting users' data from the authorities, but even so, it may be too much of a risk for many enterprises. If so, either use Group Policy or configure your firewall to block access to http://sac.enable.desktop.google.com, which will completely block both incoming and outbound Search Across Computers activity.
Dig Deeper on Web application and API security best practices
Related Q&A from Michael Cobb
Many users of the file-sharing website Docs.com were unaware that the sensitive data they uploaded was searchable. Expert Michael Cobb explains how ...continue reading
The libpurple library contains a code execution vulnerability that affects the IM clients that were developed using it. Expert Michael Cobb explains ...continue reading
The ReBreakCaptcha exploit can bypass Google's reCAPTCHA verification system using flaws in Google's own API. Expert Michael Cobb explains how the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.