Postini technology to spread across Google Apps

Google is working to extend the Postini policy enforcement layer from Gmail to other Apps components like Docs

The Postini technology that lets Google Apps Premier administrators control their e-mail environments by establishing and enforcing usage policies, rules and parameters will be extended to the other applications of the suite.

That way, Apps Premier administrators will gain tighter control over how employees use not only Gmail but also the other suite components, like the word processing, spreadsheet and presentation applications.

When completed, this extension of the Postini security and management capabilities could go a long way toward calming concerns from CIOs and IT managers about using Web-hosted software like Google Apps.

This could in turn boost Google's attempts to lure large organizations to adopt Apps Premier, which, as the suite's most sophisticated version, contains an increasing number of tools and services that these companies require.

Apps Premier is the only fee-based edition of the suite, priced at US$50 per user per year.

"Google and Postini are integrated today in that every Apps [Premier] customer gets the Postini [policy and supervisory] services layer for managing e-mail in Gmail," said Scott Petry, a Postini founder and product management director in Google's Enterprise division.

"We're actively working on taking that same Postini capability and re-manifesting it across all the Google Apps."

Today, for example, Postini lets Apps administrators set a policy preventing end-users from e-mailing a spreadsheet with financial information during the company's quiet period before an earnings announcement.

"We want to extend that to say 'no one can collaboratively share a document that includes financial information outside the domain,'" said Petry. There is no specific timetable for when this work will be completed.

"We have a real opportunity to take [our Apps] content awareness and our ability to process large amounts of content very quickly and map that to a policy framework to create a supervisory content control layer for corporations to determine how information is being shared across those applications," he added.

Google envisions this as being attractive not only to companies in highly regulated industries, but to any organization that wants to exercise more control over how their end-users share and collaborate on hosted documents.

"Every company running any sort of information system connected to the Internet knows it has information that's risky, proprietary. They have policies their employees need to abide by, but there are no mainstream tools that allow them to manage it," Petry said.

The idea isn't for administrators to lock down Apps in such a way that the suite becomes unusable, but rather to give them tools that can alert them and end-users about potential policy violations, many of which occur accidentally and not always maliciously, he said.

The ultimate goal is to increase organizations' comfort level with the cloud computing model for enterprise software and consequently with products like Google Apps.

"IT administrators are going to feel like they're losing control when they move their services up to the cloud because they can't see boxes in the server racks with blinking lights," Petry said.

"The onus is on us to give them more software-based controls over that virtualized hardware instance, so that they feel they're getting better capabilities and more leverage, rather than just arbitrarily losing control," he added.

As part of this project, Google is fusing the now-separate Postini and Apps administrative consoles, so that administrators can provision services and define policies from a single place, he said.

Postini, founded in 1999, was acquired by Google in 2007, and its products and technology have been progressively integrated with various of Google's services and infrastructure.

Join the CSO newsletter!

Error: Please check your email address.

Tags GooglepostiniGoogle Apps

More about GooglePostini

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Juan Carlos Perez

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts