Is there any reason for the average enterprise to be concerned about data leaks as a result of the Google Street...
View controversy? How do I know if Googlehas collected corporate data that it isn't supposed to have via its Wi-Fi sniffing?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Google certainly has access to corporate data it isn't intended to have, such as search queries, email of employees using Gmail accounts against policy and, potentially, indexes of misconfigured internal sites. In this case, Google might have captured all corporate Wi-Fi traffic when it mapped near corporate locations, Google, however, should probably be the least of companies' Wi-Fi security concerns.
The privacy impact could potentially be a larger issue, but from a security perspective, whatever Google captured, an attacker could also easily capture and use maliciously. If an enterprise's wireless network security was not sufficient to prevent Google from collecting data using this Wi-Fi sniffing method, then an attacker could have just as easily identified the insecure setup and exploited it to attack the enterprise's systems. The data is of questionable value to Google, and the odds of the company using it to attack an organization are very low.
Enterprises concerned about the Google Street View controversy and the data collected should be more concerned about the use of an unencrypted or insecure wireless setup on their network. An enterprise could assume all users are going to connect to its network securely via VPN or some other encrypted connection before accessing corporate data, but then its concerns over the data Google potentially captured would be minimal. Enterprises that are concerned with potentially captured data may want to review Google's privacy FAQ to see how the company stores and uses the data.
Related Q&A from Nick Lewis
As the Angler exploit kit evolves and adopts new functionality, it's becoming harder to detect and defend against. Enterprise threats expert Nick ...continue reading
A proof-of-concept attack on Apple's Siri allowed researchers to steal data from iOS. Learn more about the iStegSiri attack and how to defend against...continue reading
A new global email scam has cost enterprises millions. Expert Nick Lewis explains how to defend against man-in-the-email attacks with proper training...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.