I’ve been kinda quiet lately mostly because I’ve been very busy with the changes in my job and getting ready to move. Lots and lots of things that have to be done in both cities.

Today I saw something that got my blogging juices flowing. This article on NetworkWorld.com talks about how the city of Los Angeles has decided to transition to Google Docs for much of their business. They are transitioning everyone from an internal email system (They used Groupwise for email and collaboration so it’s understandable that they would want something else) and they are going to use Google docs for much of their office suite duties as well. There were several things that got my ire up about this so I thought it would be a good subject for me to “rant” on for my first blog in a while.

So here are my thoughts and issues with this. First, this quote that shows that those who are responsible for ensuring that the data is secure and private don’t seem to understand the meaning of the word “responsible”.

L.A. officials were convinced by Google’s security credentials, which includes SAS 70 certification,

EXCUSE ME!!!! REALLY! They honestly think that a SAS 70 is ANY measure of security? Come on are we sure that this isn’t April Fools day again? Have they ever read up on exactly what a SAS 70 is?  Saying that a SAS 70 is even remotely proof of a secure environment is like saying that using Gmail is similar to having your own private email server.  Now don’t get me wrong I’m sure that Google has some pretty impressive security in place, at least on parts of their network, but it’s still gmail. That’s email that is available to any and everyone.

Then there is the whole “cloud” issue. All of their email and documents will be stored on public servers. Let me be clear, these are the same servers that some of your Gmail and Google docs are on. These are servers that every hacker in the world has poked around looking for issues. These are servers that could easily be misconfigured and expose these emails and docs to the world. Just look at how many times we hear of data stored on Google infrastructure being “accidentally” exposed in Google searches. I’d bet that everyone reading this has done some Google Hacking and found all sorts of things that the owner of the data didn’t want to be seen by others.

That brings up the point of configuring the settings on the documents. Will Google handle this or will the City of LA, maybe even the end user will have control of these settings. What about someone who decides that they also want access to their own Gmail so they configure forwarding from their city account to their personal account and log into their personal account. Now they have access to both accounts and now the cities data is no longer under their Google infrastructure (even though it may be on the exact same server). What about sharing of docs that are stored in the Google infrastructure. If the control over that is not closely controlled then users personal accounts may get access to these documents and that would seriously hinder any additional security that may be applied to the city account.

This whole thing just reeks of potential problems. Then when you think about the math behind this you really have to wonder.  The article says that the City of LA has 30,000 users. Google Apps charges $50 per user per year. That’s $1,500,000 but the city is paying $7,500,000 to get transitioned from their internal systems to Google Apps. That means they are spending $6,000,000 dollars for transition and that’s if Google actually charged them $50 per user which would mean that they didn’t get any discount off of “retail”.  Sounds like a consulting firm saw the city coming.

They next math equation seems equally as questionable. They expect to save $5,000,000 over the 5 year contract. That’s only a million dollar savings per year for a 8 million dollar initial investment. Not exactly stellar but every penny counts. They they say that they expect to get another $15,000,000 dollars in increased productivity. ARE YOU KIDDING ME! Do they honestly think that the ability to work on documents at the same time will provide that kind of added value. If you do the math that equals out to $100 per year per employee in increased productivity which is doable and reasonable. Again we have to be realistic about this. All 30,000 employees won’t see that kind of increased productivity. Most of them will see no increase because the way that they work will not change for the most part. Next they will still continue to use Excel and other MS Office products for a fair amount of their work because Google docs doesn’t have some of the required features. So let’s be realistic and generous and say that out of those 30,000 accounts in actually 5,000 of them will see increased productivity. Now we are looking at 5,000 employees having an increased productivity of $600 per year. Still possible but not probable. If we are honest about it maybe 500 employees will see increased productivity so now we are looking at $6,000 per employee in increased productivity and that WON’T happen.

So I think that as with many things government the people are getting a raw deal financially and now government documents are are increased risk of being breached. Sounds like a great deal for the people of LA doesn’t it.