Feel Secure Using Gmail Or Other Cloud Services? Read This.

Google, Microsoft and scores of other companies are pushing us all into the “cloud”—where all of our information is stored online and is instantly accessible from any internet-connected device. This instant, universal access is a phenomenal benefit for most people. And since many of these cloud-based services are “free” (in the sense that they are subsidized by advertising) and are reliable and mostly maintenance-free (automatic software upgrades) virtually all of us are inexorably living more of our online lives in the cloud.

This also means we’re increasingly trusting the companies that provide these services to keep our data and personal information secure. Based on my personal experiences reporting on many companies that offer cloud-services and talking with them about security measures, this trust is generally well-founded.

But what happens if something goes wrong? For example, imagine an extreme case—what if your Gmail account was hacked, and even worse, if the hacker succeeded in deleting all of your email?

This horrific scenario happened recently to Deb Fallows, wife of The Atlantic national correspondent James Fallows. I had the pleasure of spending a few days with both Deb and Jim at a search conference in China several years ago, and can attest that both are technically savvy and not likely to be careless with their online “security hygiene.” So when I came across Jim’s story about Deb’s Gmail account being hacked, I read it—very, very carefully.

People who read Jim know that he’s written about technology for ages, and is one of the sharpest analysts of all things tech (I mean that both in the sense that he has a keen understanding and is also never shy about skewering inferior or faulty products or services). What some people don’t realize, however, is that Jim is also very knowledgeable about search, and Google in particular—for years he’s been a moderator and interviewer at Google’s exclusive Zeitgeist events. To help his wife recover her Gmail account and learn more about how such a catastrophic event could occur in the first place, he went to Google and spoke with people ranging from senior officials who set security policy to the engineers in the trenches who constantly monitor Google for threats and wrangle the systems to thwart the bad guys.

What he learned is eye-opening, but also reassuring. In my mind, his article Hacked is a must-read for anyone who uses Gmail, or any other cloud-based service. It’s a balanced look at the tradeoffs we all must make between enjoying the convenience of working in the cloud vs. the security risks we take—despite the serious and comprehensive measures companies like Google take to keep our data secure. A few interesting passages from the article:

“My wife’s password was judged as “strong” when she first chose it for use with Gmail. But it was a combination of two short English words followed by numbers, so if it didn’t leak from some other site, it might just have been guessed in a brute-force attack. For reasons too complex to explain here, even some systems, like Gmail’s, that don’t allow intruders to make millions of random guesses at a password can still be vulnerable to brute-force attacks.”
“At Google I asked Byrant Gehring, of Gmail’s consumer-operations team, how often attacks occur. “Probably in the low thousands,” he said. “Per month?,” I asked. “No, per day,” followed by the reassurance that most were short-lived “hijackings,” used to send spam and phishing messages, and caused little or no damage, unlike our full-out attack.”
“Against this assault, the Google security team, like its counterparts at other companies, is constantly monitoring activity across its systems, toward the end of detecting break-ins and hijacks before damage has been done, and even before the owners know that something has gone wrong.”

To its credit, Google was able to retrieve and restore Deb Fallows’ deleted emails. This wasn’t necessarily preferential treatment because of Jim’s contacts within Google—Google has an official “Undeletion Project” to assist people who’ve had their accounts hacked. Last month, Google also began offering a live help line for email recovery.

Fallows ends his article with some practical tips on protecting your cloud-based data. He followed up yesterday with a Q&A style blog post offering specific recommendations for making your Gmail account more secure. As said, both of these should be must-reads for anyone using Gmail or other cloud-based services:

Both Jim and Deb are prolific bloggers, and well worth following for the wide-ranging and interesting stories they write:

Related Topics: Channel: Consumer | Features: Analysis | Google: Gmail | Legal: Security


About The Author: (@CJSherman) is a Founding Editor of SearchEngineLand.com and President of Searchwise LLC, a Boulder Colorado based Web consulting firm. He also programs and co-chairs the Search Marketing Expo - SMX conference series.

Connect with the author via: Email | Twitter | Google+ | LinkedIn


Get all the top search stories emailed daily!  


Other ways to share:

Read before commenting! We welcome constructive comments and allow any that meet our common sense criteria. This means being respectful and polite to others. It means providing helpful information that contributes to a story or discussion. It means leaving links only that substantially add further to a discussion. Comments using foul language, being disrespectful to others or otherwise violating what we believe are common sense standards of discussion will be deleted. Comments may also be removed if they are posted from anonymous accounts. You can read more about our comments policy here.
  • TimmyTime

    Excellent article. The cloud is everything for many people but it can disappear in a second.

    Always forward e-mails to your ISP address while leaving them on the server.

  • http://www.BestPerformanceEFT.com Amber Brooks

    ANY email account can be hacked. We are ALL already using the cloud you just didn’t know it. No matter who you have email with it can be hacked and accessed from anywhere in the world. Switching to Google email is no different than Comcast or AOL or AT&T email. It’s all stored somewhere that is not your house until you download it. If you use outlook then after it is downloaded it’s stored on your pc but it can still be hacked. I see no difference in Gmail than any other mail service. The new risks are imaginary. You were already taking the risk when you signed up for email years ago. Now storing docs online is more of a risk but you have been sending the same docs through email for years so the risk is only slightly more.

Get Our News, Everywhere!

Daily Email:

Follow Search Engine Land on Twitter @sengineland Like Search Engine Land on Facebook Follow Search Engine Land on Google+ Get the Search Engine Land Feed Connect with Search Engine Land on LinkedIn Check out our Tumblr! See us on Pinterest


Click to watch SMX conference video

Join us at one of our SMX or MarTech events:

United States


Australia & China

Learn more about: SMX | MarTech

Free Daily Search News Recap!

SearchCap is a once-per-day newsletter update - sign up below and get the news delivered to you!



Search Engine Land Periodic Table of SEO Success Factors

Get Your Copy
Read The Full SEO Guide