The ubiquity of Microsoft's Windows OS and Office suite have made the software giant the number one target for security threats over the past ten years. But all that could be about to change. Search giant Google is facing new scrutiny as it diversifies its products and moves further into the business environment.
In a report to be published today, researchers at Ponemon Institute will detail their findings about existing concerns among IT professionals regarding the overall security of Google Desktop, the company's PC search utility, specifically within the confines of business operations.
And while the research revolves around the only significant security flaw to be unearthed in the program so far - a cross site scripting vulnerability reported and subsequently patched by Google in February - authors of the report contend that their work illustrates a growing level of concern over Google's rapidly-expanding footprint.
Google Desktop marries PC and web-based technologies in a similar manner as many other products the company has launched in the past few years, such as Google Apps, which competes directly with Microsoft Office.
If the company is to succeed in its plans to replace Office with Google Apps and drive other applications like Desktop further into businesses, Google must be ready to face a wave of inquisition over the potential security impact those products will have, according to the Ponemon researchers.
In the Ponemon survey of more than 600 IT security specialists who indicated that they were familiar with the Google Desktop vulnerability, an overwhelming 71 percent said that they believe that the product likely harbours other security flaws.
The results gathered by Ponemon - a Michigan-based firm that’s gained acclaim in recent years for its studies regarding the cost and causes of data breaches - illustrate the growing apprehension among businesses about the security implications of Google's applications, said Dr. Larry Ponemon, the research company's founder and chairman.
Google has moved to bolster its security skills via recent acquisitions of software makers GreenBorder Technologies and Postini and has sought to become a thought leader via its sponsorship of malware research projects like Stopbadware.org.
However, the company must prepare itself to face the daily assault from hackers and researchers previously reserved for Microsoft and other industry leaders if it succeeds in becoming a more central provider of business IT products, according to the expert.
"Google has a huge bull's eye on its back because of its position in the market and everything it wants to become, specifically to businesses," said Ponemon. "These recent acquisitions may point to steps to try and make it safer to use their applications, but it's likely that they will become a victim of their success as more hackers and researchers focus their efforts on finding flaws in its products."
In addition to existing concerns among the general public regarding the amount of data retained by search engine providers about people's individual web queries, products like Desktop and Google Apps are raising significant questions among business users about the ability for the company to keep hackers from finding a way to break in and use the tools to steal sensitive corporate data, he said.
Another finding of the report was that 81 percent of respondents familiar with the Desktop cross site scripting security problem said that they do not feel that users who have sensitive data on their computers should use functions of the program that allow them to run remote queries on their machines.