[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Yale outsources email to Google

I think there are some real misunderstandings shown in this 
e-mail. First, SAAS is being adopted by large corporations 
everywhere - for all kinds of sensitive and proprietary data. I 
would argue that these systems are more secure than some 
homebrewed systems currently used on college campuses. 
Distributing data across a cloud poses new complications to 
hackers that a centralized database does not. University IT 
departments are typically under resourced and may not have the 
protections service providers consider routine. (Look at all of 
the university hacks we've seen in the news recently!)

Skype does pose a very large security risk, however, as do all 
P2P services. Botnets are controlled through P2P and lots of 
viruses and worms spread that way. See the numerous articles in 
the NYT.

I disagree that "it will be a very long time coming before 
student academic accounts, employee IDs, payrolls, and all the 
other myriad of academic financial services are moved into such 
an environment". I think you'll see this start to happen in the 
next 2-5 years.

Christina Pikas - who is not representing her employer!

-----Original Message-----
From: owner-liblicense-l@lists.yale.edu [mailto:owner-liblicense-l@lists.yale.edu] On Behalf Of Emery, Jill
Sent: Wednesday, February 17, 2010 6:59 PM
To: liblicense-l@lists.yale.edu
Subject: RE: Yale outsources email to Google

Due to local and in some cases federal regulations regarding the
security of both student/personnel data and regarding certain
aspects of financial data; I cannot yet see a future where the
majority of academic research universities can be entirely in the
"clouds." Yale's move shows that certain services such as email
can be moved into the SaaS environment. Many universities are now
using Skype as a long distance provider. Neither of these
applications are considered high security risks. However, it will
be a very long time coming before student academic accounts,
employee IDs, payrolls, and all the other myriad of academic
financial services are moved into such an environment. The
threats to the big guys are always greater than the threats to
the little ones. Hackers cannot make a name for themselves by
hacking into your small company (as you yourself call it).
However, hackers can make quite a name for themselves if they
manage to disrupt payroll at MIT for instance.

It's a matter of scale and security and it's still a vast, wild,
& wooly Internet out there.

Jill Emery
Head of Acquisitions
University of Texas Libraries
Austin, TX 78713
e: j.emery@austin.utexas.edu


-----Original Message----- From: 
owner-liblicense-l@lists.yale.edu 
[mailto:owner-liblicense-l@lists.yale.edu] On Behalf Of Joseph 
Esposito Sent: Tuesday, February 16, 2010 4:38 PM To: 
Liblicense-L@Lists. Yale. Edu Subject: Yale outsources email to 
Google

The outsourcing trend continues:

http://j.mp/968Sov

Yale is outsourcing its email service to Google.  The question I
have is, How long before all enterprise applications (including
those for higher ed) are outsourced?  I would think soon.

Calling it "outsourcing" may be misleading.  Better to use the
industry term:  SAAS, or Software as a Service.  I am puzzled why
even as enterprises move to SAAS and Cloud computing, there is
still a centripetal pull to have code written and maintained
internally.

The small company I now work for, with employees on two
continents and clients on three, is committed completely to Cloud
computing, running the entire operation on Google Apps.  No
employee keeps any data on his or her hard drive.  Presumably
iTunes is the exception.

Joe Esposito

[NOTE: Yes, outsourcing the student service.  Perhaps if that
works well, the faculty and staff service will be moved, but it's
too early to know. Ann Okerson]