Re: Post Windows World
"Read and digest: http://philstephens.com.au/security-for-google-drive-businesses/"
I had a quick look. I came across this "Instead of documents being emailed around the company, they can be shared via email. This means that all that is sent is a link."
What's to stop emailing links being done if the storage is in-house? Alternatively, what's to stop complete docs being emailed if storage is on someone else's computer?
Whilst not wishing to cast aspersions on Google's security measures (other, of course, than the fact that they're open to hidden NSA demands in a way that an in-house system isn't, a major consideration if you're in the EU) the generic issue still exists. You're now dealing with three attack surfaces, the in-house one which may now be smaller; someone else's which, as another commentator has pointed out, you can't visit or audit its physical security; and the connections between the two.
It's not Luddism to point out the smoke and mirrors. Nevertheless, maybe I'll adopt "and Enoch shall break them" as a sig.