Google Docs and confidentiality 投稿者: Alexandre Chetrite
|
|---|
Hello,
When you send documents using Gmail, the recipient can open them using Google Docs (without saving them on their computers) and then Google Docs send a link back by e-mail to be able to access the document later.
Questions: what about confidentiality of information? Are the documentsstored on Google servers and how long? Can they be accessed by somebody else? Is it possible to deactivate this Goodle docs option(automatic using gmail)
What are the sec... See more Hello,
When you send documents using Gmail, the recipient can open them using Google Docs (without saving them on their computers) and then Google Docs send a link back by e-mail to be able to access the document later.
Questions: what about confidentiality of information? Are the documentsstored on Google servers and how long? Can they be accessed by somebody else? Is it possible to deactivate this Goodle docs option(automatic using gmail)
What are the security risks?
Best regards, ▲ Collapse
| | | | | Zipped files | Jan 18, 2011 |
Hello Alexandre,
Maybe you could bypass this feature by sending zipped files only, if your client agrees. Try sending yourself a zipped .doc file, and check if Google has an unzipping built-in feature.
Kind regards,
Valeria
| | | |
Of course Google stores the documents. Otherwise how would the link work?
This is simple: Don't ever work with Google Docs, or any other kind of server storage, if you're supposed to provide real confidentiality.
(The security is probably fine as it goes, but there are way to many possible back doors.)
| | | | | About zipped files in Gmail | Jan 18, 2011 |
Hello,
I confirm that Gmail can't open zipped files in Google docs..but maybe later it will be able to do so.
In the meantime I don't think it is sound from Gmail to automatically store attached e-mail files on their servers with a direct link. A hacker could very well access these attachments way after the e-mail has been received/processed.
I know that e-mails are deleted from the e-mail servers some time after being sent (well I hope!), but I don't know ... See more Hello,
I confirm that Gmail can't open zipped files in Google docs..but maybe later it will be able to do so.
In the meantime I don't think it is sound from Gmail to automatically store attached e-mail files on their servers with a direct link. A hacker could very well access these attachments way after the e-mail has been received/processed.
I know that e-mails are deleted from the e-mail servers some time after being sent (well I hope!), but I don't know after how much time attached files are deleted from Google servers (for Google doc viewing)...
A user can chose for e-mails to be stored on the e-mail servers, but then the user won't be able to access it if he accidentally loses it..So most people enable this function. Web-based e-mail clients need this function enabled too...
Good day. ▲ Collapse
| | |
|
|
|
| E-mails and Google Docs | Jan 18, 2011 |
The documents are, of course, stored on the Google server because how else could they be delivered to the recipient's mailbox?
This has nothing to do with Google docs per se.
Now, regarding your problem, I understand you're referring to the option to have a preview of the Word files sent to you without downloading them first, right?
If you try it yourself, you will notice that in this (Google... See more The documents are, of course, stored on the Google server because how else could they be delivered to the recipient's mailbox?
This has nothing to do with Google docs per se.
Now, regarding your problem, I understand you're referring to the option to have a preview of the Word files sent to you without downloading them first, right?
If you try it yourself, you will notice that in this (Google Docs) preview window, the recipient of the emails has to save them first before any sharing of the docs becomes possible (top right corner). That means these documents aren't per se accessible for everybody. If someone found out the link to one of these docs (highly unlikely), they'd get the login screen when trying to click on the link because these docs are only accessible via the respective user account.
Now, of course, hackers could hack into your account and they have done so already - even with big Google - but you should keep in mind that your e-mail travels around the world before reaching the recipient's mailbox. Unless you use secure e-mail methods, your mails are like postcards and can be read by whoever wants to read them (and has the skills to intercept them). If you want absolute confidentiality, use e-mail encryption or do not use e-mails at all. ▲ Collapse
| | | | | About security risk | Jan 18, 2011 |
Dear Simone Linke,
I agree that encrypted e-mail is better than non-encrypted e-mail.It's just that until now I didn't have any problem with e-mail security.However you made me think and I will try finding a better way to send e-mails.
And I also agree that the security risk is very small because the e-mail travels all around the word and there are billions of e-mails sent each day...However IF it has to happen one day , the client may sue the translator (... See more Dear Simone Linke,
I agree that encrypted e-mail is better than non-encrypted e-mail.It's just that until now I didn't have any problem with e-mail security.However you made me think and I will try finding a better way to send e-mails.
And I also agree that the security risk is very small because the e-mail travels all around the word and there are billions of e-mails sent each day...However IF it has to happen one day , the client may sue the translator (even years after??)...And I will do my best so that it does not happen
Good day ▲ Collapse
| | | | | Another option.. | Jan 18, 2011 |
Another option - although also a possible prey for hackers - would be to use your own Webspace / FTP server. Some of the agencies I work with send me a link to the translation files on their secure FTP server, and in a separate mail, they send the password for the protected files. That means, not only are the files stored in a (more or less) secure location but each individual file is also protected with a unique password.
Of course, if the recipient's account has just been hacked,... See more Another option - although also a possible prey for hackers - would be to use your own Webspace / FTP server. Some of the agencies I work with send me a link to the translation files on their secure FTP server, and in a separate mail, they send the password for the protected files. That means, not only are the files stored in a (more or less) secure location but each individual file is also protected with a unique password.
Of course, if the recipient's account has just been hacked, the hacker will have access to this file, BUT I don't see how you could be sued in this case because the client's account got hacked and you didn't do anything wrong.
Also, if you put your translations on your own server and let the client download them, you can delete them after a week or so, and then it's the client's responsibility to ensure their subsequent confidentiality if needed. Thus, you will have more control over the files than you would have if you sent them via e-mail. ▲ Collapse
| | | | | Get a proper email | Jan 18, 2011 |
My general advice in this matter is to pay an Internet Service Provider for a proper email with your own domain name on it. Using Gmail does not only look unprofessional (to me at least), but could also pose risks like the ones you mention.
| | |
|
|
|
| About Online web storage sites (mediafire , megaupload, etc) | Jan 18, 2011 |
Hello,
That is an interesting point. What about online storage websites such as mediafire.com, and megaupload.com? I haven't read their Terms and conditions, but I believe they would not be responsbile if a hacker accesses my files on these hosters?
What would you answer to a client who accuses you of negligence and sues you and you know you haven't done anything wrong?
Anyway, as long as there is an unencrypted transmission , there is a higher risk.
| | | | | Not relevant in this case - unfortunately | Jan 18, 2011 |
Tomás Cano Binder, CT wrote:
My general advice in this matter is to pay an Internet Service Provider for a proper email with your own domain name on it. Using Gmail does not only look unprofessional (to me at least), but could also pose risks like the ones you mention.
The problem in this case is that it doesn't matter what kind of e-mail you're using. If the recipient uses a gmail account, the mentioned Google Docs issue arises, because it's the recipient who can open the files in a Google Docs preview window. The sender can only send file formats that are currently not supported by Google Docs, but even then, the sender has no influence on how long the recipient will let the files sit in his/her gmail account. :-/
| | | | | No external hosts | Jan 18, 2011 |
Alexandre Chetrite wrote:
Hello,
That is an interesting point. What about online storage websites such as mediafire.com, and megaupload.com? I haven't read their Terms and conditions, but I believe they would not be responsbile if a hacker accesses my files on these hosters?
What would you answer to a client who accuses you of negligence and sues you and you know you haven't done anything wrong?
Anyway, as long as there is an unencrypted transmission , there is a higher risk.
Personally, I wouldn't use such external hosts because I'd always be afraid of (unintended) filesharing or whatever.. I'm sure many of these sites are very professional but given the not so professional sites amongst them, I'm always wary about it.
Regarding client accusations:
I have my own Terms and Conditions and these include a paragraph on circumstances beyond my control and on the fact that no e-mail or Web transmission can ever be 100% sure (which is also true for snail mail). I'm not a lawyer but I'm pretty sure that - as long as you use adequate security measures - there isn't really much that could happen to you. (Plus, a proper insurance should also cover you in such cases.)
Adequate measures and behavior should include all the things common sense dictates:
- don't give passwords to others
- don't use your e-mail account on public computers
- don't send protected files + password in the same e-mail
- don't put confidential files on your website
- etc.
You get the point.
There will always be a tiny risk, but if even the giants (Google, Microsoft...) aren't fully immune, I don't think you should worry about things that are really beyond your control.
| | | | Samuel Murray 
オランダ
Local time: 03:46
2006に入会
英語 から アフリカーンス語
+ ...
| The alternative | Jan 18, 2011 |
Simone Linke wrote: Alexandre Chetrite wrote:
What about online storage websites such as mediafire.com, and megaupload.com? Personally, I wouldn't use such external hosts because I'd always be afraid of (unintended) filesharing or whatever.
Whether you use Gmail, or your own ISP's servers, or megaupload.whatever, etc... you always trust someone else to take care of security. Perhaps you get more personal service with a small ISP but perhaps you get better security with a large international company -- who knows? Unless you host your mail server right there on your own computer, you're always in the hands of someone else. And don't forget that you need to transfer the files to your client securely... in other words, he must log in to your computer directly to get his files.
| | |
|
|
|
| @ Simone: A bit off-topic | Jan 18, 2011 |
Simone Linke wrote:
Another option - although also a possible prey for hackers - would be to use your own Webspace / FTP server. Some of the agencies I work with send me a link to the translation files on their secure FTP server, and in a separate mail, they send the password for the protected files. That means, not only are the files stored in a (more or less) secure location but each individual file is also protected with a unique password.
Of course, if the recipient's account has just been hacked, the hacker will have access to this file, BUT I don't see how you could be sued in this case because the client's account got hacked and you didn't do anything wrong.
Also, if you put your translations on your own server and let the client download them, you can delete them after a week or so, and then it's the client's responsibility to ensure their subsequent confidentiality if needed. Thus, you will have more control over the files than you would have if you sent them via e-mail.
Hello Simone,
Let me add one thing to what you wrote.
If you really want to shut out the hackers, you should ask your client to send the password for the protected files via FAX, not email. That's what I used to do (and was told to do) when I worked as an office worker where I had to handle confidential information. Like you wrote earlier, emails travel around the world and could be read like postcards. Just my 2 cents and sorry for the OT.
| | | | | Security risks | Jan 18, 2011 |
I agree with Simone: "If you want absolute confidentiality, use e-mail encryption or do not use e-mails at all." If you don't use proven and reliable email encryption, confidentiality is compromised.
Even the best of firewalls is not impregnable: anything on the Web is potentially accessible by those without a need to know.
The more secure ways are to do the translation on the end-user's PC or network and on their premises, or to save the translation on removable media... See more I agree with Simone: "If you want absolute confidentiality, use e-mail encryption or do not use e-mails at all." If you don't use proven and reliable email encryption, confidentiality is compromised.
Even the best of firewalls is not impregnable: anything on the Web is potentially accessible by those without a need to know.
The more secure ways are to do the translation on the end-user's PC or network and on their premises, or to save the translation on removable media only and then hand-deliver it. Time and distance often militate against these solutions.
Sending it by courier or recorded mail service is more secure than email but nevertheless entails the risk of loss or theft. ▲ Collapse
| | | | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Google Docs and confidentiality | Wordfast Pro | Translation Memory Software for Any Platform
Exclusive discount for ProZ.com users!
Save over 13% when purchasing Wordfast Pro through ProZ.com. Wordfast is the world's #1 provider of platform-independent Translation Memory software. Consistently ranked the most user-friendly and highest value
Buy now! » |
| | TM-Town | Manage your TMs and Terms ... and boost your translation business
Are you ready for something fresh in the industry? TM-Town is a unique new site for you -- the freelance translator -- to store, manage and share translation memories (TMs) and glossaries...and potentially meet new clients on the basis of your prior work.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
