As a CIO I have absolutely no problem with Google getting into this arena.

The more choices my business has the better.

If someone can do it better/faster/cheaper, especially for "commodity" apps, then so be it.

Many/most/all businesses are not going to authorize the use of external resources as a repository for privileged business information, and for sure nobody in the healthcare industry is going to approve use for HIPAA data. Who is the target customer for these offerings?

This comes as no surprise. IT is shooting itself in the foot with the current attitudes. Lack of vision, resistance and satisfaction with the status quo are key reasons the "business" side is looking elsewhere for solutions. Google see's it.... IT is ripe for the picking.

I am a industry veteren and it is sad to see this evolution.

There are really two parts to this equation: technical capability and legal responsibility.

There is no doubt that Google, Microsoft, e. al, will eventually beat most corporate tech leaders in the ability to deliver ubiquitous technology solutions that cover 90%+ of a companies future needs.

CIOs will always have a job in maintaining legacy systems, tying together the hodgepodge of "brilliant" business initiatives that interfere with perfectly good corporate strategies (including remote apps) and then maintaining some element of accountability to keep the CEO and shareholders at bay. This last statement of course leads to legal responsibility. Who's in trouble when something bad happens to the data. I'm sure the lawyers at Google and Microsoft have written their way out of that problem, which leaves the executive team of the company holding the bag when the prosecutors enter the room.

Organizations and their CIOs have another headache coming if Web 2.0 isn't contained and restructured as Enterprise 2.0. I expect the first response will be to lock out users from these sites/capabilities while we find a suitable internal solution.

I think that big brother is getting stronger and stronger. Big brother will not necesarily be the goverment, but the large corporations such as Google and MS and others. The concept of privacy has been totally eroded. This is dangerous, as it will affect every aspect of peoples lives. From denial of health care services, insurance, loans, etc. All this information that is being collected by all of the companies, will one day be share for a price.

Absolutely not! An innovative and forward thinking CIO is trying to eliminate the dysfunctional co-dependence that has existed between users and technical staff. The CIO of the future will need to focus on three things:

1. Operational integrity. This is not a control strategy but a risk mitigation strategy. The CIO as a business leader needs to evaluate the business risk of any technology employed by the business and insure that the risk level is acceptable. It is highly unlikely that a anyone in the C suite (CEO, COO, CFO, CIO, adnauseum) will be comfortable with business critical data housed on a server farm managed by Google, particularly a publically traded company that has to meet Sarbox requirements.

2. Business Intelligence. The CIO knows that the IT team is not the source of business intelligence. Users have the intelligence and will use technology to analyze data. The relevance of Google will be limited by No. 1 above.

3. Integration. This is the great opportunity for growth for the CIO. The CIO is uniquely positioned to look at the business cross-functionally without a functional agenda. The CIO is the natural owner of process improvement and system integration (both vertically throughout the enterprise and horizontally with customers and vendors). I have seen recent reports that suggest a decline in SaaS projects for 2008-2009. This was primarily due to higher than expected costs and integration difficulties. It is unlikely that Google or will solve these problems in the near term.

So - Google shouldn't scare a CIO.

Are you kidding? Your title is misleading...

We turn off sites and external applications every day. With the implementation of Multi Protocol Label Switching, we could simply turn on what apps we want to allow running on our network instead of even having to turn off apps.

For systems and data serious to the organization's core competancies, all will stay within the data center. For all else, why not take advantage of a free ride...as long as the user understands he or she is on their own. In other words, don't come to IT to restore those lost, corrupted or overwritten files.

I certainly agree with your assessment that this application (running on my Google Apps already) for the small business user and maybe even the medium businesses that are becoming more and more cost concious. However, I don't see the threat to the CIO's authority.

It is imperative in this day and age to share as much information amongst the teams of people regardless of position (developers, marketing, account managers) across the company. The need to reduce duplication of efforts is a driving force for this very functionality being introduced. If some rogue department/entity decided a "screw this we're using Google Sites" against the CIO's directive to use their million dollar Enterprise Sharepoint customized installation there is an answer to that threat: Pink slip.

While CIOs may be in the dark about a lot of things in their company's individual departments and what they are doing day to day, there should be a system of checks and balances to ensure that teams are following the major directives of their superiors including the CIO. If it's not being followed, there's usually someone there willing to rat out the fact, anonymous or not.

Hello,

In the long run, I don't believe so. ITs still have the ultimate power: the firewall. Any application that becomes a problem can simply be blocked. Content filters can also play a major role in this as well.

With AT&T's lack in interest in extending broadband into rural areas, applications such as Google is offering will unfortunately not become the norm that people are projecting.

The idea of Web-accessed collaborative applications has merit when one begins to think of employees being able to remain at home and yet participate in the development of projects as part of a group. Think of the implications this has on the efficiency of the workforce to say nothing of the increase in its size.

This is not the issue that will wrest control from the CIO. No technology will do that. This is more likely to increase the clout of the CIO as command and control leader. The corporate need to protect privacy and security of intellectual property will quickly squash any grass roots effort to move to the cloud with critical (read all) corporate documents. There is very little incentive for users to move to a platform that offers equal or even slightly more functionality.

The issue that will bring down the CIO is credibility with his/her peers - other C-level executives and above. Other than that, the CIOs themselves are likely to be their own worst enemy: over promising and under delivering on priorities like cost management, major application rollouts, etc.

Do these new tools have the same basic end user license agreement as the Google Office apps? If so, they are dangerous in a work environment.

For the Google online office apps, accepting the EULA says you agree that Google can do whatever they want with your data. Imagine the problems for that medical data!

I know, Google quit putting telephone info andcredit card info, etc., online (I used to use the phone number to check my personal address list, and the Social Security number for genealogy info). But it can still be hacked to.

No thanks, I don't want my company using that part of Google even though we have nothing special in our info (don't tell my bosses I said that).

There is a significant point being missed here: Security! What types and amount of company data will be shared, found or sold via this process?

The concept is interesting and useful for personal or even small businesses. But this is a major risk to medium and large businesses or those with confidential data.

Another area of concern is the stability/performance of these services. If it goes beyond personal use, this is a potential pitfall with no SLA or support.

The bottom line is these services are useful and have potential, but they are not ready for primetime and the hype cannot overshadow the current operational reality.

Web-based applications will continue to make inroads as long as corporate IT departments try to lock their users down to the point that their productivity suffers. Why would I want to use Office 2000 on Windows 2000 in 2008 if I know there is a much more powerful free alternative available? And why would I wait a week or more to get a 50MB SharePoint page on the corporate intranet when I can set up a protected-access site online where I can get to it from home if I get an idea at 9pm - and have 200x the storage space, too?

Technologically astute workers won't sit around and chafe under the pressure of using inadequate tools. They'll go elsewhere - either to another tool source to get their work done for you, or to another employer who will better support them in doing their jobs. To prosper, CIOs must either align themselves and their departments with a rapid change model that supports the rate at which software tools evolve, or they must develop methods to manage external tool use in non-Draconian ways.

Oh, BTW, I often hear that this is a symptom of the younger workers' lack of respect for the needs of the company and the IT department. I think it's more properly a symptom of a lack of respect by the company/IT for the needs of the workers. And it's not just the younger workers; I'm 50+ and it chaps me at least as much as it chaps them.

I take my personal laptop in every day and do most of my real work on it because it is better equipped than my work-issue box that gets used mainly for email and retrieving reports from proprietary corporate systems. I save in backwards-compatible format to my USB drive, transfer the files to my company box, clean up the nagging items that aren't easily translated, and forward on to my co-workers who are amazed at how quickly my work gets done and how professional it looks. I do the same with web-based apps for things I can't easily move to my personal PC and back.

IT has already lost control of the tools. The real question is will we work with users to gain voluntary support of our business needs or will we continue to fight them to try to keep control we didn't really have in the first place?

What does one think the company auditors will say? These apps have got to be auditable and provide the access controls and confidentiality demanded by today's regulations. HIPPA anyone?

When these business unit leaders have choice, that's a good thing, but someone has to make these things talk to each other. Even if Google Sites offers Web services to allow these things to talk to each other, you will still have an integration problem.

Data defined by one business unit may have a different meeting to another business unit. Someone will have to realize that and get everyone on the same page.

The individual business units do not, in my experience, look at data from other business units in detail. All you get is the same stovepipe mentality, but now it is outside of the CIOs control.

I like the portability, and cost savings of these apps, but they are no magic bullet. Not by a long shot.

This will be a fine solution set, until the first breach of personal, corporate or medical information. At that point, the doors will slam shut on these offerings with a definitive clang. Cheap is great, but the CEO will fire people who place the wrong content on the shared service.

Would you place your medical history on a site that is famous for data trolling, management and presentation? Maybe. but this is a risk where I would seek CEO and board buy-in and then acceptance of a data exposure plan, complete with a scripted apology.

The operative words are "data leakage" and "lawsuit". Once the door is open to posting information outside the companies firewall, it shall be done. It may be inadvertent, it may be unintentional, or it may simply be innocence on someone's part.

But as someone already posted, the minute wrong information is leaked, the source company and the hosting company as well as the individual will have dates with the attorneys and court system.

Security professionals will tell you that hackers love to troll sites just to get information regarding companies data, architecture, people's names, etc., because it gives them clues that can be used for intrusion.

IT has a difficult enough time policing rogue applications and Google makes it easier for non-conforming users to do as they please.

Another comment mentioned about the end-use license agreement that Google requires its users to sign before using its services. This would mean confidential e-mails such as internal communications and passwords (when sent from authentication systems) could be at risk.

Also, who is accountable for downtime and service levels? When an enterprise purchases a license from a vendor they have someone to call. What level of service from Google should enterprises expect from a free service?