More recently, Google has tried to assuage security concerns related to its cloud offerings by pointing to its "Gov Cloud" offering which it is developing for use by state and federal government agencies . The company has said the service will meet the requirements of the Federal Information Security Management Act (FISMA) when it is released.
Consumer Watchdog's Simpson told Computerworld that there was a "difference in tone" between Google's attempts to reassure potential users about the security of its hosted applications and in its federally regulated communications.
In Google's most recent 10-Q statements, the company has painted a picture that is at odds with its security assurances in public, Simpson said. His letter pointed to various statements in the 10-Q report where Google talks about its systems being vulnerable to disruptions from terrorist attacks, floods, fires, power loss, telecommunications failures, computer viruses and computer denial of service attacks.
Such threats could "jeopardize the security of information stored in a user's computer or in our computer systems and networks," Google has noted. In addition, "some of our systems are not fully redundant, and our disaster recovery planning cannot account for all eventualities," the report warned.
"Google puts the best spin possible when they are talking about benefits of cloud computing," he said. "However, when they are talking about cloud security in the context of a report to shareholders they are singing a completely different tune. That difference smacks of corporate hypocrisy."
He also said it would be disingenuous for anybody to suggest that Google's comments in its financial statement are the kind of standard disclaimers that every company makes.
"The single biggest problem with cloud computing and the rush to it is that providers have focused on things like latency and access" without adequate thought for security, Simpson said. As a result, it is important to air the security issues in public and work on resolving them, he said.
Sign up for Computerworld eNewsletters.