Google’s new business application suite — with word processing, email and spreadsheet capabilities — is set to directly compete with Microsoft Office. But does that mean that vulnerabilities similar to those affecting Office will start popping up in the search giant’s new product?
Probably not, say experts.
Security will be more robust because the search giant’s Google Apps Premier Edition, unveiled Thursday for enterprises, is offered as a service that can be accessed through the web, instead of desktop software.
That means that updates will appear automatically, and the burden will not fall on users — or network administrators — to keep their applications patched, said Amol Sarwate, manager of vulnerability research at Qualys, which provides software-as-a-service (SaaS) solutions.
"You never have to patch anything, so hackers would be reluctant to target," he told SCMagazine.com today. "You won’t even know if a patch is released. Whenever you log in, you’ll get the newest version they have."
Eric Ogren, an analyst at Enterprise Strategy Group, told SCMagazine.com that Google will protect the software in its data center, and it will not be vulnerable to typical client-side vulnerabilities.
"I think it’s kind of a cool idea," he said. "I think we’re going to see a lot more stuff like it."
Sarwate stressed, though, that because the Google package, which costs $50 annually per user and offers support for Gmail on BlackBerry devices, could be vulnerable to an emerging set of web-based threats, such as cross-site scripting and SQL injections.
He also warned users that the product likely will not contain as rich a set of features as Microsoft Office.
But less functionality might mean more security, said David Smith, a Gartner analyst.
"When you add more functionality, you add more vulnerabilities," he said.
Click here to email reporter Dan Kaplan.