The IT Security Services crew at the University of Michigan have written a fairly extensive whitepaper on security considerations for Google Desktop.
Unfortunately, it only covers version 2.0, not the new 3.0 — the one which has a number of people quite concerned. (It is important to remember that the feature that’s most disconcerting to folks is Search Across Computers, which is not enabled by default.)
Nevertheless, it’s still a good read and I look forward to an updated version with their comments on 3.0.
From the whitepaper:
1. Google Desktop should not be deployed
a. As part of a “standard build” that is available to all users
b. On workstations that process sensitive (per SPG 601.12) data
c. In Terminal Server environments
d. On workstations that do not follow common security best-practices such as automatic OS updates and automatic AV updates
e. On workstations that leverage external (non-UM) email or IM services
2. Instead, Google Desktop should only be deployed to individual users on an “as-needed” basis in accordance with the following deployment guidelines:
a. Disable Google Integration
b. Disable Network Drive Indexing
c. Disable Indexing of secure web pages
d. Disable Indexing of Instant Messages
3. In managed Windows environments
a. Use the
b. Be prepared for “zero-days” in the indexer by ensuring that you can centrally disable it.
4. Finally, make users aware of
a. Google Desktop’s privacy policies and, in particular,
b. Privacy concerns with Google Desktop Advanced Features
As always, your comments are welcome.