Security of Google Calendar? Need opinions & data

[Green_Cymbeline]

In my office, we have been using Google Calendar to keep track of everyone’s schedules. We all love it, except for our IT guy. He seems paranoid and says that using GCal for our schedules is a “huge security risk.” I think that’s just his paranoia and not backed up with any common sense. (Background: he has virtually no experience with any Google tools, and is a bit behind-the times.)

So what I am looking for is anything supporting my stance that GCal is perfectly secure… Our calendars are private, and not viewable to the public. The only way we access it is through our login and password.

Can anyone offer any links to articles or anecdotal evidence supporting the fact that IS secure?

Thank you!

p.s. I wasn’t sure whether to post this in GQ or here, but since I am looking for data and opinions, I thought this would be the place.

[Quartz]

I think you need to ask Google.

[chambraigne]

Here’s my (perhaps completely uninformed) opinion:

Google Calendar is generally very safe, and in some cases perhaps even more safe than some other options.

That said, however, in general your e-mail, calendar, etc at a company should stay within that company. Exporting that information outside of the company opens up a few risks.

I’m thinking specifically of the MediaDefender leak this summer. An especially interesting part from the link is this quote from the hackers:

“A special thanks to Jay Maris, for circumventing there entire email-security by forwarding all your emails to your gmail account”

By taking the data out of the company’s systems, he opened up a potential security risk which, unfortunately for him and his company, led to some very embarrassing information being leaked. The company lost control of that information when he forwarded it externally–even if they beefed up their security, he had still opened up a back door. It’s kind of like buying a ton of deadbolts for your front door and then leaving your back door unlocked.

One of the risks, as I see it, is that you’re likely mixing up your work and personal information. Say that you log in to check your gmail on a friend’s computer, and forget to log out. That might not be a huge deal if you trust your friend with your personal information, but the important part is that you’ve then left information that is not yours open as well. If your friend sees some secret e-mail–well, that stinks for you. But if your friend sees some secret work appointment or something, well, that stinks for the company as well.

Gee, now I sound overly paranoid.

Incidentally, there is a special version of Google calendar, Gmail, Docs and Spreadsheets, etc designed especially for small businesses. It’s called Google Apps, and it could be a good solution–that way, you could all have special work accounts, administered by your IT guy, for internal e-mail and calendars (and more). Here’s some more information. I’m a little biased, but I think it’s pretty cool, and even though it’s likely not a good match for your needs, it’s worth looking into briefly.

Again, please take my comments with a grain of salt, as most of this is just conjecture.

Also, nyctea, I’m originally from Alexandria, too! I’m looking forward to the turkey trot next week…

[Green_Cymbeline]

Thank you everyone for the good input and perspective on the situation. I feel I understand the other side a bit better now.

And hello to former fellow Alexandrian (or Alexandrite?)!