Stay Current


Google Gets Serious About Security

The search giant jumps into the anti-virus, anti-malware and email-security markets.

Paul D. Kretkowski on July 25, 2007

Google wants to organize all of the world’s information. To do that it must access all that information. And to do that Google must convince everyone that its growing number of Google Apps are both efficient and safe to use.

Thus Google’s accelerating drive into the security business, which has included a package of consumer-side security tools, an aggressive effort to index malware sites, the launch of a Google security blog and purchases of security companies.

Related Articles:

Google publicly revealed its increased interest in security in May 2007, launching a Google Online Security Blog to document its efforts to combat malware. Google seems particularly interested in automated processes that use Google’s search capabilities to spot vulnerable systems, and which then take over those systems to perform further searches. This causes noticeable spikes in search-query volume, taxing Google servers and turning the company’s marquee service into an unwitting accessory to automated hacking.

The blog initiative added momentum to the existing Google Pack, a set of free, consumer-side security tools including Norton Security Scan, Spyware Doctor Starter Edition and aspects of Google Toolbar.
However, observers such as Jay Neely and Andy Beal have wondered whether Google would start replacing these third-party tools with in-house brands, which appears to be the case. In May, Google made the first of several purchases that add punch to its security portfolio, beginning with the anti-virus company GreenBorder.

GreenBorder allows an Internet browser to run in what Security Focus calls a “sandboxed environment to prevent malicious code from interacting with a user’s PC.” What users see is a green border around otherwise normal-looking Web browsers and email programs, signaling that whatever they are looking at is running in a virtual environment that’s isolated from their local PC or network. Trapped in the sandbox, malware has no opportunity to affect either.

This feature, considered much more aggressive than anti-virus programs that simply detect and notify about viruses, could buy Google Apps some serious traction, particularly among Windows, Outlook and Firefox users.

In June 2007, Google announced a Safe Browsing API that lets developers access extensive lists of malware and phishing sites, so as to exclude these URLs from whatever application the developer is building. The API also allows client applications to check such URLs against up-to-date lists of suspect pages, warn or bar users from clicking through to these links and even keep others from posting links to phishing pages on the client application’s site.

Finally, in July 2007, Google spent $625 million to buy Postini, a company that provides hosted security for email, SMS and other types of communications. Significantly, the company’s products also stop botnets, a major worry for anyone who doesn’t want their (or their company’s) entire network turned into a zombie that exists mainly to produce organ-enlargement spam.

This would include the roughly 100,000 businesses that Mountain View claims already use Google Apps.

Postini already provides its services to tens of thousands of businesses, meaning that getting some form of them ready for Google Apps is a matter of scale — as it always is when Google buys you — and not of doing something fundamentally different.

These purchases and initiatives all add up to a Google that is taking an aggressive, large-scale approach to security. Once the new companies and products are integrated, Google Apps’ attractiveness to consumers, developers and (not incidentally) advertisers, should also be secure.

Related Articles:

Web 2.0 App: The Good, the Bad and the Ugy

IDS/IPS Buyer’s Checklist

Top 10 Reasons You Need a NAC

NAC Comparison Guide



All fields are required. Your E-mail will not be published.

Nortel Webinar Sept 20