Is there any reason for the average enterprise to be concerned about data leaks as a result of the Google Street View controversy? How do I know if Googlehas collected corporate data that it isn't supposed to have via its Wi-Fi sniffing?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Google certainly has access to corporate data it isn't intended to have, such as search queries, email of employees using Gmail accounts against policy and, potentially, indexes of misconfigured internal sites. In this case, Google might have captured all corporate Wi-Fi traffic when it mapped near corporate locations, Google, however, should probably be the least of companies' Wi-Fi security concerns.
The privacy impact could potentially be a larger issue, but from a security perspective, whatever Google captured, an attacker could also easily capture and use maliciously. If an enterprise's wireless network security was not sufficient to prevent Google from collecting data using this Wi-Fi sniffing method, then an attacker could have just as easily identified the insecure setup and exploited it to attack the enterprise's systems. The data is of questionable value to Google, and the odds of the company using it to attack an organization are very low.
Enterprises concerned about the Google Street View controversy and the data collected should be more concerned about the use of an unencrypted or insecure wireless setup on their network. An enterprise could assume all users are going to connect to its network securely via VPN or some other encrypted connection before accessing corporate data, but then its concerns over the data Google potentially captured would be minimal. Enterprises that are concerned with potentially captured data may want to review Google's privacy FAQ to see how the company stores and uses the data.
Dig deeper on Wireless Network Protocols and Standards
Related Q&A from Nick Lewis, Enterprise Threats
The Zeus malware is threatening RTF security by embedding itself in the file, which is commonly seen as safer than other file formats such as PDFs. ...continue reading
Enterprise threats expert Nick Lewis explains how to detect and avoid one of the most advanced malware threats: The Mask.continue reading
Hybrid threats are becoming an increasing issue for mobile devices. Enterprise threats expert Nick Lewis explains how to mitigate the risk.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.