While some remain suspect of security and privacy with cloud computing, Google Apps actually offers ways to help protect and preserve a company’s Intellectual Property (“IP”) that are not readily available in traditional, in-house systems. Why worry about IP? Because as business becomes more electronic, your contracts, agreements, change orders, and work product are more likely to be written, reviewed, updated, and negotiated on-line. Protecting your documents, data, and information means protecting your business.
Let’s Get Technical
Google Apps’ underlying data management is Write Once; Ready Many (aka “WORM”). In other words, once information is saved in Google’s system it cannot be altered. Unlike MS Exchange or a Windows File Server on which a Domain Administrator can alter any existing content anywhere, once data is saved in Google Apps, it cannot be modified.
Granted, you can reply to an email and modify the embedded copy of the original message. But, the original message is still saved as it was received. Similarly, you can open a Google Doc and modify the content, but the revision history is there and you can go back to a prior versions.
The big risk to WORM is the power to delete … but we have a solution for that too.
Here are Six Ways To Protect Your IP with Google Apps:
1) Comments in Google Docs
Even if you switch to MS Word for your final formatting, draft your documents in Google Docs using the “Insert Comment” feature. By keeping editing writes to yourself and giving comments only permission to your associates, you have full control of the document’s contents. You associates — be they co-workers, a client, or opposing council — have the ability to highlight portions of the document and comment. Whether they ask questions or suggest alternate wording, you can reply in-kind via comment as you edit the document.
Once final agreement is reached, you can “resolve” the comment. While it disappears from view, it is part of the permanent history of the document.
Imagine two lawyers discussing and agreeing to the intent of a contract clause. If an issue were to come up at some point in the future, any discussion of the ‘original intent’ of the clause would be cut short by the comment thread saved at the time.
2) Message Discovery (now); Google Vault (soon)
As noted above, the big risk to IP in Google Docs is deletion. Google Message Discovery (GMD) available to all Google Apps users, provide a secure, compliant archive of all inbound, outbound, and internal email messages with retention of up to 10 years. The service provides search and e-discovery tools as well.
Imagine a client refusing to pay for work that was not “officially authorized”. With GMD in place, you can produce the email thread discussing the work and providing the authorization.
Google Vault, available to new Google Apps customers now and all Google Apps users in the near future, extends the archiving ability of Google Apps in several ways. Google Vault recognizes that you IP is not just in email and that your retention needs will vary. Google Vault lets you:
- Archive email, instant messages, and documents
- Provide unlimited retention of archived information
- Take advantage of the WORM underpinnings of Google Apps to maintain and protect your IP.
3) Google Drive and Docs
In our increasingly electronic world, more work gets done on the go. By implementing Google Drive, your users have the ability to work locally while synchronizing and saving files automatically in Google Docs. Beyond providing a convenient way to work — online or offline — Google Drive provides a level of protection for your IP from local hardware issues. Combined with a backup/recovery strategy (see below), you have even better data protection.
Also, by adding additional space, you can also strategically create a secure file sharing structure where ownership of folders and files mimics traditional file server models.
4) Protected Folders
One way to protect IP is to ensure that final documents are tamper-proof and protected from deletion. You can prevent critical documents from being editing or deleted by setting up protected folders. These folders provide defined view permission, but will prevent users from tampering or removing critical information from within Google Docs.
CloudLock is one such service that lets you create protected folders. In doing so, you can also determine who can add files to these folders, who can view folder content, and which administrative account manages the folders.
5) Backup / Restore
While Google Apps prevents data loss from hardware/software issues and provides version histories, Google Apps cannot prevent user mistakes or acts of malice. Files not protected from deletion (see above) are vulnerable. Additionally, you still need to protect against problems that can occur on any file server, such as uploading and sharing virus-infected files.
Given that in users have critical data in each of the Google Apps services, tools like Backupify offer a broad range of protection. Backupify protects user content in email, calendar, contacts, docs, and sites.
6) Permissions Monitoring
Google Apps makes collaboration easy. And, while you can restrict users ability to share to some extent, understanding the visibility of IP within and outside your business, and monitoring your documents for changes in exposure is an emerging best practice.
A key element of the CloudLock service are the ability to monitor changes in document permissions, the ability to change document ownership, and the emerging ability to set alerts based on keywords and business rules.
When moving your data from in-house systems to Google Apps or other cloud services, you want and need to make sure that your data is at least, if not more, secure and private. Just as with in-house systems, you have tools and services available to manage and protect your intellectual property when using cloud solutions. Google Apps provides a great foundation with an infrastructure designed to protect data with every save. Integrated, third party tools like CloudLock and Backupify, along with new features in Google Apps itself, provide a manageable, secure, ecosystem.