Recommended NZ | Guide to Money | Gimme: Competitions - Giveaways

Google - Security Starts with your Employees

Read More:
Contributor:
David Silversmith
David Silversmith

While companies can put in place a myriad of technology to assist with security, people remain the biggest risk and Google acknowledged that two employees have been terminated after being caught spying on user e-mails and chats.

David Barksdale was fired in July after he reportedly accessed the communications of at least four minors with Google accounts, spying on Google Voice call logs, chat transcripts and contact lists, according to Gawker, which broke the story Wednesday. Barksdale was discovered and fired in July when the parents of one of the children complained to Google.  However, it appears that he was not accused of anything with sexual overtones.

Google acknowledged that it fired Barksdale for violating company privacy policy and at the same time acknowledged that it was the second such incident of its kind at the company. The company told CNN that, "We dismissed David Barksdale for breaking Google's strict internal privacy policies. We carefully control the number of employees who have access to our systems."

While Google insists that it maintains careful control over employee access to user data.  Google went on to elaborate that as part of its security controls that it has "significantly" increased the amount of time spent auditing its logs to ensure the continued effectiveness of its measures.

Barksdale was employed as an engineer with the company’s Site Reliability team. The team members, as part of their responsibilities for troubleshooting technical issues related to the site and Google’s products, have access to users’ accounts. Though any system administrator and IT manager at any company understands he inevitability of someone having full access to the company's systems.  There is simply no way to maintain the systems unless the IT staff have this level of access.

One of the bigger challenges is how large companies like Google can maintain security and control their employees when they have thousands of employees with some level of security access.

Another issue is whether Google should have reported the incidents to law enforcement. The two employees in question could have infringed federal and state statutes related to unauthorized computer access and stored communications.  Reuters quotes an anonymous source who says that “law enforcement was not called in after the Barksdale breach was uncovered, because one of the families involved asked to remain anonymous.”  However, the fact that minors were involved raises another reason why law enforcement might have needed involvement

How would you ensure that companies keep their IT staff observing all security procedures?

All articles and comments on Voxy.co.nz have been submitted by our community of users. Please notify us through our contact form if you believe an item on this site breaches our community guidelines.