Hooking the enterprise on hosted security

Chief among the obstacles Google faces in making a security services push deep into the enterprise is the fact that many larger organizations are reluctant to buy into the hosted security model. Petry, however, remains undeterred, citing Circuit City, Merrill Lynch, Mitsubishi Motors, and the National Hockey League as examples of existing Postini customers. And with major security vendors such as Symantec making SaaS plays, the security services model shows signs of catching on.

From building additional compliance policy enforcement and DLP (data leakage prevention) services to creating new malware detection and e-discovery tools, Google is examining a wide range of opportunities to leverage its place in the IT stack into a more comprehensive security offering, Petry said.

"We'll start with some of the simpler things and move into some of the more complex areas," Petry said. "We feel that security has to be an anchor tenant of the entire Google applications infrastructure; what Google has today is a framework for creating a lot of new tools down the road."

Blending security tools into Google Apps is another priority for the search giant, as providing self-defense capabilities in those services will be essential to convincing larger businesses that the hosted applications model is industrial-strength, said Rajen Sheth, senior product manager at Google.

"Security remains one of the biggest issues for getting people more confident about putting more of their data outside the firewall," Sheth said. "Having policy-based services in place for protecting all different types of data -- as with the engine that came to Google from Postini -- will be critical to the success of Google Apps."

Deep pockets, worthwhile possibilities

Industry watchers agree that Google has the potential to successfully spin its existing security holdings into worthwhile security services.

Enterprise Strategy Group analyst Brian Babineau underscored the strength of technology brought on board in the Postini and GreenBorder acquisitions as key to Google's security push.

Marrying message filtering and archiving to Enterprise Gmail, along with the introduction of DLP tools, indicate the direction Google is likely to take, Babineau said.

Here, the vast financial and development resources at Google's disposal will prove advantageous, the analyst added.

"It's hard to ignore the resources that they have to use on any technology investment. Postini had a good customer base, and by adding that delivery mechanism, you can certainly envision some interesting things they can do around Enterprise Gmail and Google Apps," Babineau said.

"Something like archiving for compliance or governance purposes makes a lot of sense, especially in the messaging arena," Babineau said. "There will be some financial services and health care companies looking for service providers who can handle a lot of this work, and those that would consider using services like this will probably find it attractive to have a one-stop shop when they can find one."