Is there any reason for the average enterprise to be concerned about data leaks as a result of the Google Street...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
View controversy? How do I know if Googlehas collected corporate data that it isn't supposed to have via its Wi-Fi sniffing?
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
Google certainly has access to corporate data it isn't intended to have, such as search queries, email of employees using Gmail accounts against policy and, potentially, indexes of misconfigured internal sites. In this case, Google might have captured all corporate Wi-Fi traffic when it mapped near corporate locations, Google, however, should probably be the least of companies' Wi-Fi security concerns.
The privacy impact could potentially be a larger issue, but from a security perspective, whatever Google captured, an attacker could also easily capture and use maliciously. If an enterprise's wireless network security was not sufficient to prevent Google from collecting data using this Wi-Fi sniffing method, then an attacker could have just as easily identified the insecure setup and exploited it to attack the enterprise's systems. The data is of questionable value to Google, and the odds of the company using it to attack an organization are very low.
Enterprises concerned about the Google Street View controversy and the data collected should be more concerned about the use of an unencrypted or insecure wireless setup on their network. An enterprise could assume all users are going to connect to its network securely via VPN or some other encrypted connection before accessing corporate data, but then its concerns over the data Google potentially captured would be minimal. Enterprises that are concerned with potentially captured data may want to review Google's privacy FAQ to see how the company stores and uses the data.
Dig Deeper on Wireless network security
Related Q&A from Nick Lewis
Fileless malware hidden in server memory led to attacks on many companies worldwide. Expert Nick Lewis explains how these attacks fit in with the ...continue reading
Vulnerabilities in Java and Python have opened them up to possible FTP injections. Expert Nick Lewis explains how enterprises can mitigate these ...continue reading
Researchers have developed an ASLR Cache side-channel attack that enables them to eliminate ASLR protections. Expert Nick Lewis explains how ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.