Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

LA's Move To Google Apps Slows As "Apps For Gov't." Announced

kdawson posted more than 4 years ago | from the cloud-of-pain dept.

Google 98

Several readers noted Google's announcement yesterday of Google Apps for Government: "The new version is a variant of Google Apps Premier edition, and includes the same core apps: Gmail, Calendar, Docs, Sites, Groups, Video, and Postini. Pricing is the same as for Google Apps Premier: $50 per user per year. The certification says that Google Apps qualifies for is called a FISMA-Moderate rating, which means that it's authorized for use with data that's sensitive but unclassified. In addition, Google says that it's storing government Gmail and Google Calendar on servers that are isolated from those used for non-government customers, and which are located in the continental US." This service might be just what the city of Los Angeles needs (though the price may not be right). LA started migrating months ago to Google Apps, and the process is experiencing some delays, as pointed out by reader theodp. "In December, Google tooted its own horn as it celebrated edging out rival Microsoft to win a high-profile, ironically Microsoft-funded contract to supply email and collaboration software to the City of Los Angeles. Now comes word that the search giant has missed a June deadline for full implementation due to lingering security concerns. Google downplayed reports of the delay, saying it was 'very pleased with the progress to date' which has allowed 10,000+ of the City's 34,000 employees to use Google Apps."

cancel ×

98 comments

Sorry! There are no comments related to the filter you selected.

Meh... more cloud stuff (4, Insightful)

mlts (1038732) | more than 4 years ago | (#33049046)

Maybe it is because I'm an old hand (and I'm speaking for myself here), but there is something about having physical control of data in house, in a data center. This way, unless there is a network intrusion, one knows where critical information resides.

With a cloud provider, all I have is a promise of security.

This isn't to say that Google isn't secure, but I personally trust good locks on the doors and all people who have access to the data having signed contracts more than just a piece of paper with a promise that things are secure.

Re:Meh... more cloud stuff (1)

jgagnon (1663075) | more than 4 years ago | (#33049080)

When it comes to anything sent over the Internet (most WAN stuff, for instance), you do not have physical control over your data, regardless of where it originates. Unless you are running direct links to and from every site, that is. Even with liberal use of encryption you run significant risks once you open the traffic up to public channels.

Re:Meh... more cloud stuff (3, Interesting)

mlts (1038732) | more than 4 years ago | (#33049218)

Yes, data is sent over, but the DB processing and storage should be in house. Another reason to keep data in house:

Jack, who has some basic Linux skills wants to make some money on the side in his job in a data center. He copies some credit card numbers from his work and sells them. His company takes the heat, does an audit of who had last access to that tablespace that wasn't normal, and finds that Jack was doing a SELECT on it. Jack almost definitely will end up facing civil/criminal repercussions for the action.

Joe who is working in a cloud provider does a strings on a .vmdk file, gets a similar list. He has no loyalty to the cloud provider's client... that's just some company or organization storing files at his workplace. So, he doesn't feel any reason why not. He sells the list, the cloud provider's client gets the heat for the compromise, and maybe the cloud company may be found responsible for the leak. However, there is no certain audit trail or chain of custody present like there is by keeping data in-house. Maybe sometime in the future some file audit or accounting daemon might show the read or some shell log show the strings command, but it may never happen.

Again, with data in-house, there is an access log record, a video log from the cameras, a log from the ACE servers of access, the audit logs from Active Directory, the logs from the routers. All of this ensures accountability for everyone involved. Outsourcing to a cloud provider? Got none of that. There is no solid chain of custody.

Re:Meh... more cloud stuff (1)

c++0xFF (1758032) | more than 4 years ago | (#33049480)

The solution to problems like this: encrypt all data in the cloud.

Unfortunately, this runs into the same problems as DRM: the cloud applications need the encryption key, which means that the cloud has access to unencrypted data at some point.

But at least exposure is limited to actively accessed data, right?

Re:Meh... more cloud stuff (1)

Danathar (267989) | more than 4 years ago | (#33049546)

Your assertion that the same species of homo sapiens running your operations (on average) are any less vulnerable to incompetence and the negative aspects of human nature than the ones running the offsite data center is bogus.

Re:Meh... more cloud stuff (0)

Anonymous Coward | more than 4 years ago | (#33049870)

If push comes to shove, the workers ones in the in-house data center can face a lot more criminal/civil charges than people running a cloud provider. Worst a cloud client can do is maybe try to sue, and in any case, the cloud provider employees will likely face little to no consequences for compromising a client of their company.

Another example: A disgruntled admin at Foo.com leaves a logic bomb behind that does an rm -rf /. He gets caught for it and ends up paying the civil and criminal cost. A disgruntled admin at bazcloudprovider.com does an rm -rf /net/foo.com. Foo.com has no recourse here, other than begging bazcloudprovider.com to do something. All foo.com has as a legal remedy is a piece of paper, and if the court case against bazcloudprovider gets heavy, they can just file bankruptcy and reform.

Don't forget that with a cloud provider, internal stuff becomes external stuff. So this means beefing up the network infrastructure. It is cheaper to drop more LAN connections than add WAN/Internet peers, especially these days where almost any ISP meters data. A cloud E-mail provider means an internal message crosses into the Internet at least twice.

Re:Meh... more cloud stuff (2)

bberens (965711) | more than 4 years ago | (#33050040)

I don't understand what would cause you to believe that a person working for a cloud provider who commits a criminal act somehow has a get-out-of-jail-free card.

Re:Meh... more cloud stuff (1)

ducomputergeek (595742) | more than 4 years ago | (#33049588)

This day in age, if your storing credit card numbers instead of a token, you're doing it wrong. And if your gateway doesn't support tokenization, get one who does. They'll meet or beat your current processing rates.

Re:Meh... more cloud stuff (2, Insightful)

PopeRatzo (965947) | more than 4 years ago | (#33050104)

Jack, who has some basic Linux skills wants to make some money on the side in his job in a data center. He copies some credit card numbers from his work and sells them

So Jack also has some encryption-breaking skills?

However, there is no certain audit trail or chain of custody present like there is by keeping data in-house.

Does having data stored off-site necessarily mean there is no "audit trail or chain of custody"?

I think you attribute a level of care and protection to in-house data centers that has not shown itself to be the case in real life.

Re:Meh... more cloud stuff (1)

skarphace (812333) | more than 4 years ago | (#33063108)

However, there is no certain audit trail or chain of custody present like there is by keeping data in-house.

Does having data stored off-site necessarily mean there is no "audit trail or chain of custody"?

I think the problem is that you're dealing with another company. I'd imagine any interaction after a breach could be like this:

You: "We think your systems were breached and we lost sensitive data."
Them: "That couldn't have been us. It must have happened on your systems."
You: "No, we're sure it was not us, it was you."
Them: "Nuh-uh!"

Then where do you go from there? You start a lawsuit? You just forget about it? Maybe I'm missing something, but this kind of interaction sounds much more difficult than just going downstairs to talk to your own employees about the breach.

Re:Meh... more cloud stuff (0)

Anonymous Coward | more than 4 years ago | (#33050468)

I'd like you to back up your claim that data access in a cloud service isn't audited. That sounds like fear mongering to me, and not much else.

From my experience working for one, cloud services are a lot more like taking your money to the bank for deposit compared to taking it to Jimmy over on 4th and Broadway who hides it in one of many matresses he has in his basement.

Re:Meh... more cloud stuff (1)

MightyMartian (840721) | more than 4 years ago | (#33049630)

If the data is encrypted, it sure isn't. I run a three node OpenVPN network (soon to be expanded to six locations), and I'm fairly confident that the data is safe, the weak points being, of course, email to outside locations. Any databases that are accessible by public websites we host are on separate servers from our internal data.

There's no way to absolute remove the possibility of data theft, but one can heavily minimize it. First on that list is not having critical or confidential data being hosted by outside servers. I use Google Docs and GMail for personal stuff I don't give a crap about, but I'd never trust business data to them.

Re:Meh... more cloud stuff (1)

bberens (965711) | more than 4 years ago | (#33050160)

I don't disagree with you at all, except that I think you're falsely assuming that most businesses operate like yours. I think it's great for small businesses who haven't quite gotten big enough to justify full time IT staff. The e-mail at your 10-store bakery chain probably isn't valuable enough to worry about it. And those bakeries don't have a WAN, or probably even VPN to the "corporate office" which consists of a small extra room in the back of one of the bakeries.

Re:Meh... more cloud stuff (1)

Andy Dodd (701) | more than 4 years ago | (#33049678)

My guess is that 75%+ of the City's email traffic is internal.

For these government organizations, along with probably the majority of corporate users, 90%+.

Thus for a "hosted" solution, traffic that used to be 90% internal to your network becomes 100% external.

Re:Meh... more cloud stuff (1)

Monkeedude1212 (1560403) | more than 4 years ago | (#33049222)

Personally, my biggest concern is that they kind of determine how redundancy works.

I mean, don't get me wrong, redundancy is a good thing - but when you aren't in control of it - your data is put into the hands of people you don't even know, and you won't even know it.

It's one thing to know that Google holds your documents, and that anyone at anytime could walk off with that server. At least then you'd know theres a breach and you've been compromised. Network breaches aside, as that can happen to you just as well as Google, and you can even try to hack into your own data to test Google's security.

The problem comes up when they have to copy the data onto another drive or media in order to keep a backup in case things go down. You can set up a contract and decide on how you want things done - but you'll never know if they make another copy for their records or not. And everyone knows its good practice to keep a backup offsite - so you're essentially trusting it to leave the building in the hands of someone you don't know.

Re:Meh... more cloud stuff (1)

DrgnDancer (137700) | more than 4 years ago | (#33049802)

I don't think a lot of people understand how much large companies and the government already trust other companies and entities with their data. Look at DoD contractors. Now because of the nature of the work they do, many employees of contractors have a security clearance. It could be argued that since they've been vetted by the government directly (something that isn't common in non-DoD or DoE contracts) it's quiet reasonable that they should be given access to government data. That isn't the whole story though. There's lots of "unclassified, but sensitive" government data handled within these companies by uncleared people. Venture outside of DoD, into the DoI, DoT, FDA, or thousands of other government organization that employ uncleared contractors and you're talking literally tons of government data in the hands of non-government employees that the government hasn't even thought about vetting.

Now most of these companies destroy classified documents on site when the need arises. Transporting classified is considered dangerous and unless there's a need to carry specific information from one place to another it's archived in place until the time comes to destroy it. What about unclassified data? Many (all that I'm aware of though I admit I haven't been everywhere) contractors subcontract out the destruction of their government "sensitive, but not classified" and "company sensitive" garbage to other companies (Iron Mountain is by the far the most trusted and well known from what I've seen, but there are others). Many also pay Iron Mountain to stored archived data, both physical and digital (off-site backup tapes and the like, to my knowledge IM doesn't run data centers).

What about outside of Government world? Well, at least two of the other companies I've worked for have also used Iron Mountain (one was a very small company, the other quite large) for archiving and destruction of "company confidential" information. Of the other place I've worked, I don't know. I wasn't in a position to worry about it at most of them. I'd be willing to bet some money that at least half of Fortune 500 companies make use of Iron Mountain or a similar service though.

One Fortune 50 company I've worked for had actually subcontracted their entire IT infrastructure to Dell. Dell ran the servers, our internal help desk calls went to Dell employees, Dell techs came to our desks and replaced the parts in our Dell workstations when something physical died. Below the executive level their was no $company IT. There was simply a Dell $company Division.

Re:Meh... more cloud stuff (1)

bberens (965711) | more than 4 years ago | (#33050236)

You've hit the nail on the head. My "household name" employer outsources almost everything to an outside vendor.

Re:Meh... more cloud stuff (2, Interesting)

betterunixthanunix (980855) | more than 4 years ago | (#33049768)

Strictly speaking, you only get marginally more security when you run your own datacenter than when you use a cloud provider, assuming that you have competent security staff in your datacenter. The only real risk cloud providers carry that internal datacenters do not is the risk that your data may accidentally be copied into someone else', thus leaking your information; assuming that the cloud provider's software does not have such a serious bug, what more security do you really get? Your datacenter still has to be staffed, and there are still going to be people who are not necessarily trustworthy -- janitors, IT tech/interns, etc. Additionally, it is not that far fetched to demand that cloud providers encrypt your data when it is not in active use, and in the coming years it is likely that we will see more developments in homomorphic encryption which will allow your data to be encrypted while it is in use, further adding to the security.

My issue with cloud providers is the libre software issue: you become reliant on the cloud provider for your software, and the cloud provider basically holds your data hostage. I really do not want Google to be given so much power -- when Google controls government data, and presumably charges the government a fee for the services they provide, that gives Google some pretty serious leverage and lobbying power. It would not even be obvious -- suppose the government wants to raise taxes on energy used by large data centers, and Google says, "Well if you do that, we'll be forced to increase our service fees..." Does that situation seem far fetched to you?

Re:Meh... more cloud stuff (1)

Miseph (979059) | more than 4 years ago | (#33053596)

"suppose the government wants to raise taxes on energy used by large data centers, and Google says, "Well if you do that, we'll be forced to increase our service fees..." Does that situation seem far fetched to you?"

As an avowed liberal: in what universe is the government averse to spending more money for identical results? That's pretty much how they roll. Heck, in your scenario, I'd expect some of the officials involved to be in tight with Google and support it on the grounds that the user charge is actually a percentage above cost rather than a flat fee (eg. profits go up proportionately to costs). Funneling tax money into their wallets is pretty much what a lot of these guys do for a living.

Re:Meh... more cloud stuff (1)

Martin Blank (154261) | more than 4 years ago | (#33050606)

I am largely in the same thought mode as you, but aren't the contracts that you mention just a piece of paper with a promise that they'll abide by the rules in the contract?

If you sign a contract with an outside provider, they should have to meet certain third-party audit requirements. If you've got PHI, they should be HIPAA-compliant. If they're dealing with credit cards, PCI compliance is mandatory. Individual states may have other requirements which are documented and should be audited by third parties, or by the state.

Apps for Government does help mitigate some of my concerns. Unfortunately, I'm not really certain how it would apply in situations where some mail must be encrypted (as is done where I work) or where mail must be treated differently depending on content, but I also haven't looked at the details of what Google offers. A few other points are around (such as getting the mail back in an Exchange-friendly format should the contract be terminated), but Google does seem to be taking seriously the issues brought up by the governments. If they create the path, I'm sure others will follow suit, and a competitive environment could come about.

Re:Meh... more cloud stuff (1)

Late Adopter (1492849) | more than 4 years ago | (#33050736)

With a cloud provider, all I have is a promise of security.

Well, no, you have a contract. The same way most places subcontract their physical security too. You accept there's some possibility of screw ups but at least cede that people doing this for a business might have better skills at something that's outside your core competency.

Re:Meh... more cloud stuff (-1, Troll)

Anonymous Coward | more than 4 years ago | (#33051040)

sorry but is a contract not a piece of paper with a signature on it?

the idea that a single individual would be more (or less) honest then a corporation or private business signing a contract with the same terms is, to me, negligent.

cue the grammar Nazi's, i am posting twit mode.

and for the record the only reason Nazi is capitalized is i couldn't spell it right so my good buddy FF fixed it for me.

Give me JUST ONE example (2, Funny)

wsanders (114993) | more than 4 years ago | (#33051916)

Give me just one example of sensitive data that gas escaped from a major cloud service (Google, Amazon, etc), and I'll give you 10 more examples of data that has escaped from an incompetent IT organization's in house systems. Do *your* in house systems allow you to configure ALL your user's desktops and laptops to be completely disposable, with no other software necessary than a recent version of Firefox or Chrome? Never had a DBA accidentally botch a transaction, do your users never accidentally delete email, never had a spearphishing attempt slip though your spamassassin filters? Never put off a software upgrade because your users were to busy for downtime? Never had a backup fail?

Let's just admit it's all the politics of control, which is fine. Personally, I'd rather not do the shit work of reading log files, restoring lost email and files, forgotten passwords, and cleaning up the mess when a user gets phished.

Seems odd (3, Insightful)

MBGMorden (803437) | more than 4 years ago | (#33049092)

I work in a relatively small government organization - about 1200 people, only about 350 of which are office workers - and I can't imagine us even remotely considering this. Anything that involves storing ANY of our data on a server that doesn't reside in one of our 3 data centers is automatically nixed by IT. Heck, if you've got a decent IT staff, setting up basic stuff like webmail and the like isn't even that difficult or expensive. Apache, Horde, Postfix, and Dovecot will get you mostly there for nothing more than the cost of a decent server ($2k tops) and the time of a staff member to set it up (and that time, for full-time employees, is typically already paid for, so you might as well use it).

Re:Seems odd (0)

Anonymous Coward | more than 4 years ago | (#33049148)

And if you could outsource half of your IT department to Google how much would you save? And less the cost of running 3 datacenters - if it's really a datacenter and not a oversized server room it's not cheap.

Re:Seems odd (0)

FuckingNickName (1362625) | more than 4 years ago | (#33049224)

A "datacentre" /is/ an oversized server room - no need to get all elite-penis-comparison. And a small, highly competent IT department will tailor its systems precisely for business needs, saving money and time over the one-size-fits-all Google approach. I don't know what kind of incompetent IT staff cost so much that people think they need to hand their work over to Google - perhaps I just don't meet enough incompetent IT staff.

(Of course, we know what's really happening: It looks like a money-saving item in the short term, and this will give the manager an appropriate bonus.)

Regardless, Google simply isn't an acceptable option for privacy reasons. Just as it is unacceptable that the British government contract out data handling to BT - though occasionally you can opt out.

Re:Seems odd (0)

Anonymous Coward | more than 4 years ago | (#33049432)

And a small, highly competent IT department will tailor its systems precisely for business needs, saving money and time over the one-size-fits-all Google approach.

Having a lean, highly competent IT department is a management feat - it's way easier to see fat, grossly incompetent IT departments - and Google is a cost saving option to organizations in this situation.

Re:Seems odd (4, Insightful)

squiggleslash (241428) | more than 4 years ago | (#33050056)

And a small, highly competent IT department will tailor its systems precisely for business needs, saving money and time over the one-size-fits-all Google approach.

Codswallop.

A small, highly competent, IT department will make the best use of the resources available. The fact it's small means it's not going to have time to "tailor its systems" for anything. So it's safe to say it'll do the same thing every business's IT department does: it'll buy a one-size-fits-all solution from Microsoft, IBM, or it'll spend some time learning how to put together the same capabilities from open source components such as Dovecot, Evolution or Thunderbird, and the various other free components that do roughly the same thing.

Sooner or later, you find things that every business needs. They need an email system, a system of published calendars, and some central document repository. What do they need out of the email system? Pretty much everything that Exchange, Notes, Evolution/IMAP, and Google Apps/GMail does. What do they need out of the system of shared public calendars? Pretty much everything that Exchange, Notes, Evolution/IMAP, and Google Apps/GMail does. What do they need out of a central document repository? Pretty much everything that Sharepoint, Notes, a combination of MediaWiki+Apache+NFS shares, and Google Apps/Documents does.

These are "one size fits all" products for a reason, their one size fits all. Every business needs them just as every business needs one-size-fits-all personal computers, and every business needs one-size-fits-all phone systems, and every business needs one-size-fits-all lights. Insofar as there are differences between the different needs of, say, a contractor and a giant megacorp, that's where licensing and additional services come in.

Hard to see what a "highly competent" IT department would do differently. Design an entirely new email system that's unlike all the others? Great if they have time, I challenge you to find a small IT department capable of doing any such thing, and I challenge you to find one that would design anything that's neither worse than what everyone else does for the intended users, nor itself a one-size-fits-all system that would work for everyone.

Re:Seems odd (1)

Mongoose Disciple (722373) | more than 4 years ago | (#33050858)

Pretty spot on. I only disagree with you inasmuch as you make using Notes on purpose seem like a reasonable idea. :)

Re:Seems odd (1)

FuckingNickName (1362625) | more than 4 years ago | (#33054424)

Hard to see what a "highly competent" IT department would do differently.

You lack imagination. Every business has different workflows from every other. The job of IT is to configure available software and write glue code to ensure as much as possible is automated and anything requiring human interaction is quickly accessible.

Let's say for example that the business handles some subscription process. IT's job would be to write code to handle the various possible subscribe states, transitioning automatically with time events. Where human intervention is required, entering a name should immediately provide a screen with subscriber state, history, and the option to transition between states - all database updates, reminders, update of accounting databases etc are done automatically.

You will, having thought a bit and found out that even Google agrees, be itching to point out the glorious lock-in that is Google Apps Script [google.com] which has been gradually coming out of experimental over the last year. Hell, some of it is even available to non-Premier customers. But that's the point. Who wants to be at the mercy of one provider's limited programming environment? Mail services: (1) sendEmail; (2) getRemainingDailyQuota. Uhuh.

(At least they're using Mathematica-style notation for optional arguments.)

IT is also there to ensure the fundamentals of computing security are followed such as the principle of least privilege. Google Docs immediately fails on this because Google has the ability to analyse rather than merely store your data.

Re:Seems odd (1)

DragonWriter (970822) | more than 4 years ago | (#33058946)

You will, having thought a bit and found out that even Google agrees, be itching to point out the glorious lock-in that is Google Apps Script

Actually, while you can use Google Apps Script for workflow programming, what I would point out is Google App Engine, which integrates with Google Apps for domains, which, since independent implementations of the APIs exist, isn't lock in, and is far more capable. Apps Script is essentially "macros on steroids", and I'd suggest that they would be best seen as serving the same role as macro programming in existing office suites.

Re:Seems odd (1)

FuckingNickName (1362625) | more than 4 years ago | (#33066670)

what I would point out is Google App Engine

That's the opportunity to run your Java bytecode or Python on their boxes with a set of APIs for Google's raw cluster services. It's hardly the first port of call for building typical small business glue code on existing software.

since independent implementations of the APIs exist, isn't lock in

This is as specious as ".NET isn't lock-in because Mono".

Apps Script is essentially "macros on steroids"

Apps Script is far more limited than, say, MS Office macros. Office macros are just a special case of use of the general Windows scripting framework, with all sorts of software exposing .NET/COM objects at different levels.

Re:Seems odd (1)

DragonWriter (970822) | more than 4 years ago | (#33070352)

That's the opportunity to run your Java bytecode or Python on their boxes with a set of APIs for Google's raw cluster services. It's hardly the first port of call for building typical small business glue code on existing software.

Nor did I recommend it for "building typical small business glue code on existing software".

I said it was the more capable, more portable, less locked-in choice for implementing workflow management, when compared to Google Apps Script, for Google Apps users.

This is as specious as ".NET isn't lock-in because Mono".

Well, I'd agree, but in exactly the opposite sense that you intended, since -- presuming one doesn't use features of .NET that aren't present in Mono -- .NET isn't lock-in because of Mono. If an open-source alternative that supports the same APIs is availabe so that you are not dependent on the original vendor for continued support of the platform on which your custom code runs, you aren't in any meaningful sense "locked-in" to anything. So neither is specious.

Re:Seems odd (1)

FuckingNickName (1362625) | more than 4 years ago | (#33071232)

I said it was the more capable, more portable, less locked-in choice for implementing workflow management, when compared to Google Apps Script, for Google Apps users.

And how, exactly, do you intend to justify a restrictive barebones cluster storage platform for productively implementing typical business workflow management?

If an open-source alternative that supports the same APIs is availabe so that you are not dependent on the original vendor for continued support of the platform on which your custom code runs, you aren't in any meaningful sense "locked-in" to anything.

Meanwhile, in the real world, the OSS reimplementation ends up thoroughly incomplete, lagging and displaying quirks which means you either have to write to a crippled subset or give up and do what MS expects you'll do and move to their fully featured platform.

And that's just when some of the platform has the stamp of a vaguely independent standards body. Google's platform, meanwhile, is open in the same way Flash is open.

In theory, lock-in never exists because you could always reimplement the API as well as the original. In practice, to prevent lock-in you need a clear divide between standard and implementation. Even W3C does it wrong with HTML by giving way too much weight to the wishes of Apple.

Re:Seems odd (1)

Cornwallis (1188489) | more than 4 years ago | (#33049400)

Wait until the first lawsuit the city faces after some confidential info gets "released" from the cloud.

Re:Seems odd (1)

Mongoose Disciple (722373) | more than 4 years ago | (#33051256)

It's possible, although more than for just about any private business, paperwork/information/emails of city governments are usually considered to be public information subject to disclosure on demand -- even including a lot of things I wouldn't have expected before working a contract for one.

Not that there isn't some information that isn't in some cases, but your odds of randomly hitting confidential information are much lower than with most corporations.

Re:Seems odd (1)

FunOne (45947) | more than 4 years ago | (#33049436)

Yes, all you need is a top-notch group of administrators with up-to-date skills to setup the system and monitor every security mailing list so that nothing leaks out. Plus routine maintinance, handling user requests, backup, recovery, and environment testing. Throw in their salaries along with datacenter floor space, power, and cooling on run-time costs not to mention depereciation and support on the hardware. Don't forget the additional staff time to document and track changes so that if someone leaves, dies, or is fired that the system can continue running.

This is a problem with many lines of work, not just IT and I deal with it daily: You cannot count on superman to do the job. Just because your current staff is top notch doesn't mean they'll still be there if another web boom happens. Then what?

We've gone through all this before. Your organization probably doesn't employ its own elevator or copier techs either.

Outsourcing commodity services, such as e-mail, saves serious money and provides better service.

Re:Seems odd (1)

turbidostato (878842) | more than 4 years ago | (#33049744)

"Yes, all you need is a top-notch group of administrators with up-to-date skills to setup the system and monitor every security mailing list so that nothing leaks out. Plus routine maintinance, handling user requests, backup, recovery, and environment testing. Throw in their salaries along with datacenter floor space, power, and cooling on run-time costs not to mention depereciation and support on the hardware. Don't forget the additional staff time to document and track changes so that if someone leaves, dies, or is fired that the system can continue running."

It seems you are implying that Google is cheaper because somehow they don't need to have all those things.

"This is a problem with many lines of work, not just IT and I deal with it daily: You cannot count on superman to do the job. Just because your current staff is top notch doesn't mean they'll still be there if another web boom happens. Then what?"

It seems you are implying Google somehow won't suffer such a problem... maybe because they don't hire top notch staff?

Re:Seems odd (2, Informative)

DrgnDancer (137700) | more than 4 years ago | (#33050174)

No Google is cheaper because it economizes such things. Think about it, Google is already running data centers with thousands of computers in them, it's cheap for them to add another rack or two for what you need. They've probably already got the backup capacity, the redundant data center. They've got hundreds of skilled technicians, programmers, and admins on staff already. They're specialists. All they know is data centers, and it works because they're selling you a data center (or at least a little piece of theirs). They don't have to document your setup, it's just like all the other setups and if the guy who runs yours picks up and leaves he can be replaced by the guy next to him.

The downside of this is that you get what Google gives you. It's not a perfect system. You can't call up IT and ask them to whip up a new CRM, or change out your mail server for something different. You have certain options, sure. Certain menus of choices, but not the near complete flexibility of in house IT. It seems to me that their are two main questions you want to ask when it comes to using a cloud provider for theses services:

1) Will it actually save you money? Don't discount this, it will save many organizations lots of money. Google does what they do well, and has definite economy of scale on its side. Do a fair comparison and see if it will save your company money.

2) Can you afford to lose the flexibility. Lots of companies can. You have to think about this one, do you really need this level of flexibility, or are you holding onto it because it seems "safe"?

There's lots of other things to consider of course. There's the level of trust that you, personally, have for the cloud provider. How much money you'll be saving vs. how much pain it's going to cost. But really it all pretty much boils down to: Will it save me money, and will it accomplish what I need. Assuming the answer to both questions is yes, it's probably something that should be looked into.

Re:Seems odd (1)

turbidostato (878842) | more than 4 years ago | (#33050498)

"No Google is cheaper because it economizes such things."

Yes, I know the argument but still haven't seen the case for it or the how.

It's obviously true you gain from economy of scales when going from one user to two users; from two to three, etc. but is there a ceiling on the gainings?

Where else can you go cheaper once you can pay for, say, three people on staff and two colocated servers with some proper backup/restore in place? Where are the economies of scale from serving 10.000 people to serving one million? There *is* economy of scales and there is a fact that the more of a comodity the higher the ceiling but it's false that economy of scales is everything it goes.

In my apreciation Google has made for the "economies of scale" argument on this much more than facts can support: their products are just basically functional and not as stable as publicly sold. In my observation they are not cheaper because of economies of scale but because they offer an inferior product backed up with the proper marketing brouhaha.

Re:Seems odd (1)

DrgnDancer (137700) | more than 4 years ago | (#33050838)

I'll not disagree with you that there is likely very little advantage to large company or government organization going to something like Google. When an organization has reached a size sufficient that it can comfortably support (and has need for) a decent sized internal IT team, multiple data centers, and all the sundry things like data center wide redundant power and backup, it probably won't be saving money going to Google. You'll note that I never claimed otherwise.

Compared to most small and even many medium sized businesses, Google can save a lot on economies of scale, but after a certain point I think they lose some if not all of their advantage. Again, I point you at the two primary questions 1) will this save me money, and 2) will it provide the service I need. I don't personally know where the break even point is. It probably varies. A technology focused company, say an IT service provider, will probably have the house expertise to make the break even point a really small number. A chain of bakeries with a really distributed business model and not much in house IT knowledge might have a much higher break even point.

Re:Seems odd (1)

Chuck Chunder (21021) | more than 4 years ago | (#33053964)

I'll not disagree with you that there is likely very little advantage to large company or government organization going to something like Google.

I suppose that may depend on how they are handling mail etc now. If different units within the org are handling their own servers then there may be a lot of redundant duplication of effort that could be cut out by moving to a single external provider.

A technology focused company, say an IT service provider, will probably have the house expertise to make the break even point a really small number.

I disagree with that because that's the sort of company I work in! We have the in house expertise but that expertise is used far more effectively in delivering services to our customers.

Having them spend any time whatsoever babysitting something as colossally dull as mail/calendar etc would be a waste of their expertise.

Re:Seems odd (1)

FunOne (45947) | more than 4 years ago | (#33050212)

It seems you are implying Google somehow won't suffer such a problem... maybe because they don't hire top notch staff?

No, they have hundreds and a customer base to spread the costs of all those other items thinly enough to make sense. Having 3 datacenters and a full IT staff to support 1k odd people has to be justified and providing e-mail and document services can be done so cheaply it makes no sense to keep it in house.

In fact, that argument has been made so well that many large universities have moved to Google provided services. Providing e-mail is a commoddity business, so let the lowest cost provider do it.

Re:Seems odd (1)

cdrguru (88047) | more than 4 years ago | (#33052760)

Not at all. Google has found a way to monetize providing free services to people. If you buy into it, you are not taking advantage of Google's generousity. You are providing revenue to Google through information (which they sell) and an advertising channel.

The assumption is, in using Google services, that you are getting more out of the deal than they are. This can't possibly be the case or they wouldn't do it. So you just don't know exactly how they are benefiting from providing these services. Trust me, it isn't because they are such nice people.

Re:Seems odd (0)

Anonymous Coward | more than 4 years ago | (#33053706)

You are providing revenue to Google through information (which they sell) and an advertising channel.

Google does not sell personal information -- they use information to show ads. Information brokers already exist which collect and sell your personal information, and have existed long before Google. Everyone talks about how big web companies sell your information, yet nobody ever provides credible evidence; this meme needs to die. Even Facebook, which has more information than just about anyone, only uses it to match and show ads, rather than selling your personal account details for money.

Also, the paid version of Google apps does not have ads. You can choose free + ads or paid + ad-free, and that seems reasonable to me.

Re:Seems odd (1)

Danathar (267989) | more than 4 years ago | (#33049492)

Yes, because it's not like the Government has been outsourcing Data center operations to OFFSITE contractor DATA CENTERS for CLOSE TO 50 YEARS. If it's good for a DOE Lab it's probably good enough (security wise) for you...assuming you are not in classified work.

Other issues....

1. Decent IT staff

2. Basic Stuff (that never changes)

3. Not that expensive (for now...)

4. It costs nothing more than xxx

Unless you expect your operation to NEVER expand, and you expect ALWAYS to have decent IT staff.....

I don't know what world you live in, but it sounds like a cool job that allows you to eat Cheetos all day and surf the web since it requires 3 people to manage...

Unfortunately, doesn't work in practice. (1)

Kupfernigk (1190345) | more than 4 years ago | (#33049682)

Tell me what decent IT staff would want to do the boring job of maintaining small email, web and IM servers for a few hundred people? It will get put to the end of the queue and forgotten about. I've yet to find a single person who can install a half decent mail server from scratch and and be bothered to do the work of maintaining it for year after year. This is one case where economies of scale are everything and Taylorism has a place. Efficient IT infrastructure needs to be big so that there's enough challenges for the MScs to keep them interested, and enough grunt work for the support army to cover for the inevitable churn of the boring low level jobs.

Re:Seems odd (1)

nine-times (778537) | more than 4 years ago | (#33049970)

Heck, if you've got a decent IT staff, setting up basic stuff like webmail and the like isn't even that difficult or expensive.

Well in fairness, part of the question is, "Is it more difficult and expensive than Google, and does it provide the same results?" We can argue about the pros and cons. I have my own mail server, but the Gmail web applications are better, Google's datacenter is better, and ultimately it'd be easier to run my mail through Google. Of course, if I were going to switch over, I'd have to make sure I trusted Google more than I trusted my own datacenter and backups.

So yes, there are pros and cons, even if you have the resources to run your own mail.

Re:Seems odd (1)

talldean (1038514) | more than 4 years ago | (#33050172)

And backup of that? And an offsite backup? And nights-and-weekends support if it goes down? $50/user is *cheap* for reliable webmail, let alone file sharing, collaborative docs, and calendaring.

Re:Seems odd (3, Funny)

stephanruby (542433) | more than 4 years ago | (#33050506)

I work in a relatively small government organization - about 1200 people, only about 350 of which are office workers - and I can't imagine us even remotely considering this. Anything that involves storing ANY of our data on a server that doesn't reside in one of our 3 data centers is automatically nixed by IT.

Yes, every government organization has at least one Terry Childs who's been there for 20 years and who will do whatever is necessary to protect his little fiefdom. I feel kind of bad for you.

I assume you guys also do your own payroll, manage your own 401a/pension plans, store your own paper archives, repair your own photocopy machines, do your own warranty work on failed hard drives, maintain your own waste disposal landfill, do your own shredded paper disposal, and grow your own fruits and vegetables on premises as well.

Re:Seems odd (2, Interesting)

Mongoose Disciple (722373) | more than 4 years ago | (#33050900)

I assume you guys also do your own payroll, manage your own 401a/pension plans, store your own paper archives, repair your own photocopy machines, do your own warranty work on failed hard drives, maintain your own waste disposal landfill, do your own shredded paper disposal, and grow your own fruits and vegetables on premises as well.

Other than the fruits and vegetables, which I assume you threw in just to be ridiculous, the last government entity I worked for in fact did do all of those things internally.

Re:Seems odd (1)

tehcyder (746570) | more than 4 years ago | (#33054640)

They had their own landfill site?

Re:Seems odd (1)

Mongoose Disciple (722373) | more than 4 years ago | (#33055946)

They had their own landfill site?

Yup. Don't many sizeable cities have a city dump? Not just for the city government's trash, you understand, but owned/maintained by the city for its own and its residents use.

Even the much smaller suburb I live in does this.

$2K - yeah right! (1)

foxylad (950520) | more than 4 years ago | (#33053354)

Don't forget you need (at least) another server housed in another datacenter for redundancy, and a complex system to keep the redundant system data live and provide automatic failover. And you're merely hiding setup or maintenance labour costs by saying existing employees will handle all this - in fact you have to apportion a fair fraction of their total cost. Then there's the cost of the server rooms, climate control, UPS, electricity, etc.

If you bother to do the sums, you'll be appalled by the cost of providing webmail for your organisation. Now add in the cost of providing and supporting Word, Excel and Powerpoint. And the cost your websites and wikis. And even your custom web apps, and the other apps that could/should be rebuilt as web apps. Google will provide ALL this for $50/person - that's $60K p.a. for your entire organisation, assuming no discount for over 1000 people. Scared yet?

Now lets look at the risk side of the equation. There are huge amounts of FUD around this issue, but does anyone have any reliable evidence of significant privacy or data loss from Google? I can't recall hearing about a single case, despite posing this question on Slashdot before. But I have heard innumerable cases of the same thing happening from in-house systems.

Your problem is that one day someone will explain all this to your bean-counters. The opportunity to make this level of savings comes once in a lifetime for these guys, and if you are lucky they may hesitate long enough to confirm the risk-return equation before your world comes crashing down around your ears.

My advice would be to start learning about Appengine, or EC2 or Azure, and figure out how you could migrate your existing systems. Then you have a choice - if you prefer your boss and co-workers over career advancement, keep quiet until the day comes. Otherwise sit down next to a bean-counter at lunch, and start talking about clouds. You'll be head of IT within six months.

Re:Seems odd (1)

Chuck Chunder (21021) | more than 4 years ago | (#33053904)

Perhaps they should do the math [google.com] ?

Email really is a basic service. I work for an IT consultancy firm and the reality is that even for us with significant in house capability it makes more sense for our "decent IT staff" to be engaged in doing something that actually advances the delivery of our business to our customers rather than maintaining a basic service like email.

-1 offtopic...or +5 funny (-1, Offtopic)

Pojut (1027544) | more than 4 years ago | (#33049108)

I launched your mom's apps last night...sloooowly.

Re:-1 offtopic...or +5 funny (1)

jgagnon (1663075) | more than 4 years ago | (#33049186)

Good thing she had NerdBlock+ and NoNerd running. No mom for ju!

ugh (1, Insightful)

FuckingNickName (1362625) | more than 4 years ago | (#33049162)

At least I can avoid Google as a private citizen when I find its privacy practices abhorrent.

I feel sorry for the family I have in LA who won't have a choice but to have some of their government-handled private data on Google's servers.

Re:ugh (1)

FuckingNickName (1362625) | more than 4 years ago | (#33049340)

So, it's flamebait to suggest that I find it unreasonable that a government which already forces me to give it various amounts of private data will also pass that private data on to private corporations? Especially private corporations which make a business of data mining?

No problem there at all then? All going to bend over and take it? Thought so.

Re:ugh (1, Funny)

Anonymous Coward | more than 4 years ago | (#33049398)

Didn't you get the memo?

Google does no evil man.

Google's chill man. Their motto says they won't do evil.

Re:ugh (1, Insightful)

Anonymous Coward | more than 4 years ago | (#33049490)

I hate to break it to you but whatever jurisdiction you live in, private contractors are balls-deep in the every day management of your gov't data.

everyday data center operations - possibly outsourced
help desk support - possibly outsourced
application development/maintenance - possibly outsourced
overall IT architecture - possibly outsourced

Re:ugh (1)

FuckingNickName (1362625) | more than 4 years ago | (#33049702)

So what you're saying is that previous generations have lain back and taken it, so you shall too?

Especially when data is outsourced to the worst possible choice, one whose central business is examining your data to see how it can profit therefrom?

Re:ugh (0)

Anonymous Coward | more than 4 years ago | (#33050072)

I'm not sure it's possible to have a resonable conversation with someone who uses "therefrom" in a sentence, but let's try.

You're angry about how the government forces you to give them private data, and you're also angry that corporations might see your private data. How do you expect to get your driver's license if no-one has any data?

Also the public sector has been outsourcing stuff for at least 15 years, what heroic measures have you taken in that time?

Re:ugh (1)

FuckingNickName (1362625) | more than 4 years ago | (#33051048)

I'm not sure it's possible to have a resonable conversation with someone who uses "therefrom" in a sentence, but let's try.

Hm *reads post* did "lain" also worry you?

I grew up with a fairly smart friend. He was the typical engineering type while I was more of a theoretical geek. He suffered from horrible dyslexia. But he took regular lessons throughout his teenage years to help him cope with it and ended up a much more confident and capable writer.

Perhaps you should follow his example and deal with your issues with English rather than lashing out at others?

Re:ugh (0)

Anonymous Coward | more than 4 years ago | (#33051214)

Eschew obfuscation.

Pomposity alienates as many as it impresses, forsooth.

Re:ugh (1)

FuckingNickName (1362625) | more than 4 years ago | (#33052078)

Are you the geek mocked by bullies at school for sounding smart who scours the web looking to do to others what is done to you?

Protip for adulthood:

Applying full assortment of language to express ideas clearly and concisely = good.
Unnecessary appendages and other verbosity (e.g. "forsooth") = bad.
Acting like the bully who taunted you at school = embarrassing.

Re:ugh (0)

Anonymous Coward | more than 4 years ago | (#33055104)

I enjoy a good ad-hominem as much as the next guy... but that wasn't one.

Re:ugh (1)

FuckingNickName (1362625) | more than 4 years ago | (#33058418)

Correct. An ad hominem attacks the person to bolster another argument.

Re:ugh (1)

DrgnDancer (137700) | more than 4 years ago | (#33050404)

What's your suggestion then? Governments save money by using contractors. They can't hire experts in everything. So we can:

A) Spend more money and vastly increase government bureaucracy by hiring official "government" people to handle every little aspect of government work, or

B) Not give the government the basic information it needs in order to say, regulate traffic, collect trash, or enforce the laws.

You have a third option?

(Likely your option to for the government to stop collecting information at all, which I'm sure will be a great comfort when some kid puts his car through your living room window because "driver's licenses are oppression, man")

Re:ugh (1)

FuckingNickName (1362625) | more than 4 years ago | (#33050932)

What's your suggestion then? Governments save money by using contractors. They can't hire experts in everything.

This only applies when demand/supply is such that it would cost way too much to have your own infrastructure and/or experts. This might apply, say, for building aircraft. It doesn't apply for hiring computer janitors(*).

Likely your option to for the government to stop collecting information at all, which I'm sure will be a great comfort when some kid puts his car through your living room window because "driver's licenses are oppression, man"

The job of processing driver's licences (which afaik doesn't fall on the City of LA, but maybe it does) does not require complex computation or innovation. It would be cheaper to pay a group of competent men a reasonable wage to run the system rather than contracting out to a for-profit firm.

(*) The health service in the UK, for example, often decides to pay agencies twice what it would cost to simply hire a worker. The agencies provide nursing, cleaning etc staff who lack familiarity with where they work, also reducing productivity. There are many people who benefit from this corruption, but service users are not among them.

Security of Documents (1)

helix2301 (1105613) | more than 4 years ago | (#33049190)

Let’s see how this goes this brings a very big privacy and security factor into play. I can see small burrows and local entities using these services. The large government entities that need to be secure and have a lot of sensitive data not so much.

That's where the money is... (2, Insightful)

tcopeland (32225) | more than 4 years ago | (#33049230)

...and Google knows it. The government is flourishing [thefreeent...nation.org] , huzzah!

How do you know? (1)

Tickety-boo (1206428) | more than 4 years ago | (#33049266)

Ok, so they will separate your data from everyone else's, but how do you know they aren't mining your data and storing the index on another machines? Remember, Google is an advertising company first. All of the other products like Postini, gDocs, etc are there just to give them more data to mine.

Your contract may state that they are not allowed to mine or even store your filtered data, but how would you ever know? Good luck executing an eDiscovery search on largest collector of data in the world. I'm sure the attorney's would love it though.

Gdocs is not usable (1, Interesting)

Anonymous Coward | more than 4 years ago | (#33049318)

I don't know how other people feel, but I have been trying google apps and have been unimpressed. Writely is OK, but is only wysiwyg by severely limiting what you can do in a doc. It is fine for most collab docs though and sharing is great. My problems have been in using gdocs, its PDF to text conversion is a joke and is obvious just some untested open sources ocr toys. Their shareable links have been broken for weeks and is only acknowledged in their forums and somehow that isn't reported as a problem in their 'status' page. So none of my shared links work in my sites currently. Sites is an OK sharepoint-like web, but it does suffer from simplicity and general site feel much like 2007 sharepoint. You can't remove older revisions which happened to become a security issue for my group so we had to recreate some stuff. Overall it is a great free tool when you don't have anything else, but I don't think I would ever pay per seat for this. Also I think there is more to business than just collaboration tools. I figure if and whenever Microsoft gets .net fully setup in the cloud, all apps will be able to store and run in the cloud, etc.same as on disk. That is when companies can really start using the 'cloud'.

Re:Gdocs is not usable (0)

Anonymous Coward | more than 4 years ago | (#33082554)

Agreed our company switched over to it from Office 2007/Exchange. Everyone was really psyched and happy about it since we have lots of Macs and sales people on the road. About three months into it, and come Remote Desktop Services, the consensus was to switch back. That experiment lasted about three months and now we are happily back on Exchange/Office/SharePoint (which we didn't have before). Google basically provides webmail. Microsoft's solution is GroupWare with lots of business automation and business analysis tools. Also, RDS as a remote access solution is top notch. I hope Google does improve their product as we go forward because it shows some good promise, but it's not the same. Also, the cost calculation for a small business (about 100 employees) was hard to figure out. Since we already have servers (Exchange is virtualized...) and people maintaining things in house, it was hard to see (for us) how we would save much, if any money.. and even if we did how that would compare against the massive loss of features. I could see this working really well for a college, or other application where you only need webmail and a basic word processor (think WordPad).

PKI (0)

Anonymous Coward | more than 4 years ago | (#33049324)

If they CAC enable it, they'll win.

Would Be Interesting at the Federal Level (1)

BJ_Covert_Action (1499847) | more than 4 years ago | (#33049456)

Can you imagine if the federal government picked up Google tools as it's primary software? Those targeted ads would be amazing. It would make the U.S. the number one customer of some other, less popular countries industries:

"Need to spy on your citizens better, faster, and longer? Buy this new tracking software from Chang industries in China!"
"Citizens misbehaving? Pacify them with some good ol' Soviet era violence with the Stalin sub 1000!"
"Local press causing too much of a raucous? Take a lesson from down under and get Australia's new censor software 2.0!"

I'm sure you can all come up with some more creative ones.

Thumbs up for Fisma-Apps (4, Insightful)

Sub Zero 992 (947972) | more than 4 years ago | (#33049510)

This is what you get, and what - currently - only very few federal agencies can afford:

An independent third party auditor issued Google Apps an unqualified SAS70 Type II certification. Google is proud to provide Google Apps administrators the peace of mind knowing that their data is secure under the SAS70 auditing industry standard.

The independent third party auditor verified that Google Apps has the following controls and protocols in place:

  • Logical security: Controls provide reasonable assurance that logical access to Google Apps production systems and data is restricted to authorized individuals
  • Privacy: Controls provide reasonable assurance that Google has implemented policies and procedures addressing the privacy of customer data related to Google Apps
  • Data center physical security: Controls provide reasonable assurance that data centers that house Google Apps data and corporate offices are protected
  • Incident management and availability: Controls provide reasonable assurance that Google Apps systems are redundant and incidents are properly reported, responded to, and recorded
  • Change management: Controls provide reasonable assurance that development of and changes to Google Apps undergo testing and independent code review prior to release into production
  • Organization and administration: Controls provide reasonable assurance that management provides the infrastructure and mechanisms to track and communicate initiatives within the company that impact Google Apps

http://www.google.com/apps/intl/en/government/trust.html [google.com]

Sure, it comes with a risk (do you have multiple redundant and trunked high speed internet connections?) but also with enorous freeing of public funds.

In my view, a win.

Re:Thumbs up for Fisma-Apps (1)

RocketRabbit (830691) | more than 4 years ago | (#33051584)

Is it really cheaper? Bear in mind that providing an office environment for employees these days merely involves giving them any computer built in the last 10 years, and attaching them to a network with a very modest server to handle email and calendaring duties. The ongoing cost of such a move is mere power and the occasional hard drive.

If an IT staff is incapable of such mundane tasks they should be made into soylent green.

Re:Thumbs up for Fisma-Apps (1)

gad_zuki! (70830) | more than 4 years ago | (#33052870)

Right, and the functionality is worse than open office, which costs zero dollars. I'm not sure what enormous public funds are being saved here. MS Office for non-profits isn't much more expensive over three years. Something tells me this is politics as usual - selling out to a large local contractor who promises the moon and undelivers. The cloud horror stories are already out there and will continue.

Re:Thumbs up for Fisma-Apps (1)

Xarius (691264) | more than 4 years ago | (#33053932)

I assume all those apps will have offline support through a compatible web browser anyway?

LA (1)

lowrydr310 (830514) | more than 4 years ago | (#33049674)

LA = Louisana

L.A. = Los Angeles

LA - Buying? How? (1)

filesiteguy (695431) | more than 4 years ago | (#33049740)

I don't work for LA City. I do work for LA County. I also work *with* LA City. I know the city is in somewhat dire straits financially and can't imagine how they'd be buying into anything.

I am constantly fighting the "cloud" and "shared services" initiatives. They propose to save money, but you have to spend millions and reduce your service levels in order to do so.

Nothing against Google in general, I just can't imagine something like this going well in an organization the size of LA City.

(By the way, I have documented that my in-house development and deployment of servers has saved LA County between $2M and $4M per year in potential vendor and infrastructure costs.)

Re:LA - Buying? How? (1)

DrCForbin (685206) | more than 4 years ago | (#33050780)

Now, tell me HOW reducing the number of employees who spend thousands of man hours correcting issues caused by Microsoft products is not a cost benefit for the taxpayers? Tell me HOW not having to maintain the in-house servers (humans, power,etc) is NOT a cost benefit for the taxpayers? And not to minimize your achievements, HOW does potential savings (your 2 to 4 million dollars) get validated in the real world? How does the taxpayer see the results of the fruits of your labors? Tell me HOW it costs more money and reduces services to go to the cloud concept, which is really a throwback to the old mainframe/timesharing system just using the web to handle the traffic and the PC/Mac acting as a "dumb" terminal? As a taxpayer in the County of Los Angeles, I'd like to know. To me, this is just more FUD thrown up to protect jobs, that if Microsoft's stuff actually WORKED, would be unneeded. Yes, I'm a cranky old mainframe guy who has seen WAY too many good ideas get killed for corporate profits or to preserve the status quo. Justify your claims of service reductions and increased costs please

Re:LA - Buying? How? (1)

dave562 (969951) | more than 4 years ago | (#33051468)

The city wasn't running Microsoft on the back end. They were using Novell and Groupwise for email (along with just about every other government agency / municipality in California). They decided to replace Groupwise with GAPE... or I guess in this case, GAGE (Google Apps Government Edition).... soon to be known as GAG? (Only time will tell on that one).

Re:LA - Buying? How? (2, Informative)

filesiteguy (695431) | more than 4 years ago | (#33051566)

Well, it is simple.
(Trust me I'm not MS fan-boi.)

For the time period 2007-2009, my department spent an estimated $1,100,928 developing and enhancing two primary systems. This included all development and hardware costs. These systems take in between $300M and $400M per year in taxes and fees and are the largest of the kind by number of transactions processed in the US.
Vendor systems in this range have been quoted to us as costing between $4M and $6M outright with $500K to $800K/year in maintenance.
(Our accounting system - which is crap IMO - runs on a shared server and cost $160M.)
Here's how I came up with the figures.
Development Costs for JEDI System November 2007 - January 2009
Software
MSDN $50,000.00
Team Foundation Server $10,000.00
Janis Controls $20,000.00
Atlasoft Controls $20,000.00

Analysts
Specifications $138,622
Documentation $110,856
Training $52,100
Testing $146,178

Programmers
Development: $523,172

Management
Oversight: $30,000.00
Total: $1,100,928.00

Now, you can add in the overhead costs for servers and the personnel to cover the servers. We currently have 89 servers on racks in our server room. These servers must be up 18/6 and are absolutely essential during certain time periods. We have four staff members running the servers and an additional six staff members maintaining our 800+ workstations, LAN and six remote locations.
I’m a taxpayer also, and cannot stand to see money wasted. If I were to move to the cloud – the ultimate in vaporware IMO – we’d be moving to a service level that is set by the vendor and not in our control. We already have some services moved to the cloud. IIRC, the department spent around $1M on a vendor-hosted system that has been less than reliable and very expensive to maintain.

Re:LA - Buying? How? (1)

DrCForbin (685206) | more than 4 years ago | (#33051848)

Ah.. thank you for the numbers.. I can see how you arrived at the projection ..now we have to see if the reality matches the calculations :-)

thanks for taking the time to do the breakdown for me/us

Re:LA - Buying? How? (1)

filesiteguy (695431) | more than 4 years ago | (#33052978)

No problem. I hate overspending as much as the next guy... ...well maybe not as much as the City Manager in the City of Bell (http://www.huffingtonpost.com/2010/07/20/bell-city-manager-scandal_n_653304.html) but as most people.

If I thought the Cloud - or the mainframe - was a better value, I'd be all over it. In fact, I get hit by vendors (HP, EMC, IBM) all the time asking to put their hugely expensive "server farm" in with dozens of VM's. I prefer the Amazon or Google approach, with multiple low-cost servers that can be replaced quickly and inexpensively.

Man... (1)

Datamonstar (845886) | more than 4 years ago | (#33049852)

Marijuana practically legalized in California and its government moving away from Microsoft products. The economy really must be getting bad there!

Additional requirements not in original contract (2, Informative)

FleaPlus (6935) | more than 4 years ago | (#33050450)

Nobody seems to have mentioned this yet, but it looks like at least part of the reason for the delay are "unforeseen requirements" that weren't in the initial arrangement with the city that Google's had to deal with. For example:

http://techcrunch.com/2010/07/26/google-city-of-los-angeles-apps-delay-is-overblown/ [techcrunch.com]

As for the delay, Google says that they are working with with the City of LA to "address requirements that were not included in the original contract." One example of these possible requirements that came up is that the LAPD wants to conduct background checks on all Google employees that have access to Google Apps data in the cloud. Doing these checks of course add more time to the adminstrative clock.

LAPD background checks on Google employees may very well be a reasonable request, but things like this add time to the schedule and weren't part of the original contract.

Re:Additional requirements not in original contrac (1)

dave562 (969951) | more than 4 years ago | (#33051202)

That's what happens when you have senior sales guys meeting with managers.

Sales Guy, "Yeah, it will DO ALL OF THAT, and SAVE YOU OODLES OF MONEY."

Manager, "But does it work with my Blackberry? The IT guys tell me that Blackberry is important even though my kids have an iPhone and I like the Sports Illustrated Swimsuit app."

Sales guy, "Yes, it does work with your Blackberry."

Manager, "Alright, I'm SOLD."

They obviously failed to properly scope the work. They failed to consider LAPD's needs.

Re:Additional requirements not in original contrac (0)

Anonymous Coward | more than 4 years ago | (#33053610)

This LAPD memo explains [lacity.org] why LAPD is not on board.

For more details, try council file 09-1714 [lacity.org] .

Seems like a parallel effort though (1)

SuperKendall (25149) | more than 4 years ago | (#33053760)

One example of these possible requirements that came up is that the LAPD wants to conduct background checks on all Google employees that have access to Google Apps data in the cloud

That's pretty interesting but I'm not sure why it would be a part of schedule slip, given that almost all the work is on the LAPD to run the checks. Google just has to come up with the right list of people.

Re:Seems like a parallel effort though (2, Insightful)

RMH101 (636144) | more than 4 years ago | (#33054036)

...and get those people to agree to a police background check. Imagine if you were an offshore developer in another country, and your line manager casually dropped into a conversation that the LAPD want to audit you. Now scale that up to the presumably hundreds/thousands of google personnel who potentially have access to that data.

Google.gov? (0)

Anonymous Coward | more than 4 years ago | (#33054350)

Wohoo, when will we see google.gov?

What about 'em Subpoenas? (1)

140Mandak262Jamuna (970587) | more than 4 years ago | (#33057826)

If I sue some company or a city or someone, and I know they are using google apps service, can I subpoena google to produce all the relevant documents it has in its possession as part of discovery? Can I ask for a search using keywords and wildcards in all the documents stored as part of the service to the sued company?

If I use google apps service and someone sues me, can I get google to certify that I have not deleted or destroyed any document? Would I be able to argue "in this case absence of evidence is evidence of absence because we have this certificate from google saying we did not destroy anything".

Re:What about 'em Subpoenas? (1)

Compaqt (1758360) | more than 4 years ago | (#33065096)

Yeah, good question. Also, what if you're in California, and you have a dispute with someone (or a corporation or government entity) in Nevada. Normally, you wouldn't have access (through a state court) to their files, but since Google's located in CA, could a state court force Google to divulge documents?

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>