Labels: , ,


The United States Navy’s Maritime Domain Awareness program focuses on improving maritime security around the world. As part of this initiative, the U.S. collaborates with international governments and non-governmental organizations (NGOs) to increase maritime security capabilities in different regions in order to prevent threats like piracy and terrorism, as well as to respond to natural disasters.

Sharing information is critical to maritime security. And most of this information is public – or sensitive but unclassified, as the government calls it. In summer 2008, we began InRelief to improve our collaboration capabilities using Google Apps. InRelief supports the Navy’s humanitarian assistance and disaster relief mission. We use email, chat, shared documents, calendars, sites, and other Google applications to support our information sharing needs.

Previously, on U.S. Navy ships, the unclassified network was a U.S. network only, so NGOs or foreign governments could not access it. We set up a Non-Classified Enclave (NCE) as a way to give our partners access. The NCE is a network of virtualized servers located in Miami, Florida that provide secure connectivity. InRelief is basically a cloud-based implementation of NCE.

Our team saw several advantages to building InRelief on Google Apps, including security, scalability, reliability, and other powerful features we didn’t have to build ourselves. As part of the military, gaining familiarity the security controls of Google Apps was of critical importance. Our security team met with Google’s team and went through in detail how Google implements security. We came away with the understanding that Google Apps is very secure. The fact we’re hosted on a FISMA-certified environment allows our team increased flexibility and assurance when collaborating and sharing unclassified but sensitive content and documents.

In the event of a major crisis when we would need a lot of accounts for a short period of time, Google Apps lets us scale easily to as many users as necessary. We can turn them off again when we no longer need them. That’s a tremendous asset. It would be really tough – and not cost-effective – to resource a system ourselves that could scale up and down like this.

As for reliability, with Google Apps data is replicated in multiple data centers, so we can be assured we’ll have access to our data. Having a single point of failure is a constant challenge with other systems. Particularly when dealing with disasters, knowing the system will be available is a big plus.

Some of the built-in features of Google Apps were critical to our needs. For example, real-time collaborative editing of documents, spreadsheets and presentations supports crisis response planning efforts using multiple personnel who are geographically dispersed. Also, real-time translation in chat can be extremely helpful when we’re trying to coordinate efforts with a coalition of people who speak multiple languages.

Another issue we are always concerned about is the training requirements new tools impose on our users. With InRelief, we can give an account to a foreign government representative or NGO and it doesn’t take much time for them to get started. Earlier this year, we put Google Apps to test in coordinating a response to the Haiti earthquake. When the Haiti effort kicked off, our team was dispersed. We used the Google collaboration tools – email, chat and shared documents – to get things moving. Even the remote team members could review and contribute to the team’s work. Half the people in the group hadn’t used Apps before our efforts got underway – they just did it, with no learning curve. Our team is currently using the same capabilities to support relief efforts for the Gulf of Mexico oil spill disaster.

Finally, the concern for developing cost-effective solutions that maximize the benefits of tax dollars spent, our overall costs were hundreds of thousands versus millions of dollars; a significant savings when compared to what we spend to host traditional stovepipe type systems requiring network connectivity, software, hardware, system administrators, information assurance testing, and certification & accreditation.

With InRelief.org, we have a collaborative environment easily accessible with a secure and reliable infrastructure that allows us to respond rapidly to crisis.

– Captain Douglas C. Wied, Assistant Program Manager
Non-Classified Enclave, U.S. Navy

Posted by Dan Israel, Google Enterprise team
Labels: , ,


Today, we’re pleased to introduce a new edition of Google Apps designed specifically for the needs of U.S. government entities. It’s called – appropriately enough – Google Apps for Government. This new edition is available now to federal, state and local governments in the United States.

Google Apps is also the first suite of cloud computing applications to receive Federal Information Security Management Act (FISMA) certification from the U.S. government. With this federal government certification of our security controls, government agencies can use our cloud services with confidence.

A wide range of U.S. government customers are already taking advantage of Google Apps, from the U.S. Department of Energy’s Berkeley Lab to the U.S. Navy’s InRelief program, to the City of Los Angeles, to smaller governments across the country like Panama City, Florida and the City of Wooster, Ohio.

You can learn more about how U.S. Government customers can benefit from this new edition in today’s Official Google Blog post.

– Kripa Krishnan, Technical Program Manager, Google Apps for Government

Posted by Dan Israel, Google Enterprise team
Labels: , , ,


Ernest Lawrence, the Nobel Prize winning physicist, is often credited as being the father of “team science.” He understood that some of the most important and difficult problems in science required bringing together experts from across disciplines to work on experiments that they couldn’t possibly execute individually. That legacy is the foundation of work at Berkeley Lab. Today, we’re excited to be bringing the next generation of tools to support team science to the Laboratory, including Google Apps.

Berkeley Lab is a member of the National Laboratory system supported by the U.S. Department of Energy through its Office of Science. It is managed by the University of California (UC) and is conducts unclassified research across a wide range of scientific disciplines. Berkeley Lab employs approximately 4,000 scientists, engineers, support staff and students. Eleven Berkeley Lab researchers have won the Nobel Prize. Fifty-seven Lab scientists are members of the National Academy of Sciences (NAS), one of the highest honors for a scientist in the United States.

Switching to Google Apps supports a number of important Berkeley Lab goals:
  • Sustainability We now utilize the Google data centers that power Google Apps, which are are among the most efficient in the world, instead of operating our own servers;
  • Efficiency Berkeley Lab is going Google reduces internal infrastructure costs and allows us to recover data center and personnel capacity;
  • Collaboration It provides new tools and platforms for improving scientific collaboration, including real-time document sharing and support for easily including collaborators from around the world as full participants in our work.
Berkeley Lab is in the midst of the first production rollout of Google Apps in the Department of Energy. We have moved over 4,000 people to the Google Mail service to date and an expected total of 5,000 accounts by the end of summer 2010. We have already rolled out Google Docs and Google Sites Lab-wide to improve collaboration capabilities for our staff. A transition to Google Calendar is planned in the coming months, as well.

If you want to learn more, we’ve even set up a public site to tell the world about this project. Or you can watch this video:


It’s been really gratifying to watch the adoption of Google Sites and Docs at the Lab. These two applications extend the reach of the Lab's existing collaboration systems by offering new features and easier inclusion of external collaborators.

Smaller research projects with a few dozen collaborators often struggle with building the infrastructure to effectively share information; Google Apps makes it easy for them to deploy the services they need with no help from IT folks.

Since we’ve integrated Google Apps with the Lab's Identity Management System, our users have a seamless experience. And all our users benefit from the extensive resources that Google has dedicated to keeping the Google Apps system -- and our data -- secure.

The Lab expects to realize financial savings as a result of the transition. The final numbers are not available yet, but the estimates range in the area of $1.5M-$2M savings over the next five years in hardware, software and labor costs. Cost avoidance, increased functionality and resiliency were all important factors in the decision to migrate. Above all, we’re empowering our researchers to share, collaborate, and build teams like never before. We think Ernest Lawrence would be pleased.

Dr. Rosio Alvarez, Chief Information Officer
Lawrence Berkeley National Laboratory

Posted by Dan Israel, Google Enterprise team
Labels: ,

Chet Loveland, Global Information Security and Privacy Officer at MWV, holds 23 years of experience in the Information Technology industry and was formerly an Information Security Manager for Federal Reserve Information Technology. Brian Bolt, Lead Systems Engineer for Boise State's Office of Information Technology, holds 15 years of experience in the Information Technology industry, with an MBA from Boise State, where he has worked to emphasize the alignment of IT infrastructure and services to support the business needs of the university.

Chet and Brian will be joined on the webcast by Eran Feigenbaum, Director of Security for Google Apps. Eran defines and implements security strategy for Google's suite of solutions for enterprises. Prior to joining Google in 2007, Eran was the US Chief Information Security Officer for PricewaterhouseCoopers (PwC).

Learn what security and compliance questions to ask of a cloud computer provider and how Google addresses them on a live webcast on Thursday, July 22, 2010 at 2:00 p.m. EDT / 11:00 a.m. PDT / 6:00 p.m. GMT. Register today.

Google Apps is one of the fastest growing cloud computing solutions available today. Not surprisingly, many organizations considering solutions like Google Apps have questions about security and compliance. When moving into the cloud, it is important to consider factors such as how the cloud provider fights spam, malware, and phishing, designs identity management systems for hosted web apps, and monitors its network for potential threats. Institutions must consider ways to protect intellectual property, compliance with regulations, and evaluating information about the cloud provider's data center and network infrastructure.

At MWV, the main considerations were reducing IT costs and consolidating ten different email systems into one. At Boise State University, the primary concern was safeguarding student records and information. Despite differing priorities, most organizations today face common underlying security challenges and needs.

Both MWV and Boise State asked themselves:
  • Where is the best place for my applications and data?
  • Why is security so tough? What are some of the issues with the traditional model?
  • Can hosting data in the cloud be as secure or perhaps more secure, than in traditional environments?
  • What are the full costs if security is handled internally? (considering firewalls, server upgrades, maintenance, mail filtering, anti-spam, and more)
  • How can we maximize productivity by enabling people to work anytime, anywhere while minimizing the amount of data that is stored on distributed devices?
  • How will the cloud provider affect costs and the reliability of security systems?
  • How do we educate internal stakeholders and users on security and compliance issues to mitigate risks and help ensure adherence to best practices?
  • And, ultimately, what are Google's practices and technologies that can help us maximize security while reducing costs?
There are always plenty of questions and follow up discussions when considering the people, best practices, and technologies required to minimize security threats. There are also many lessons to learn from two Google Apps customers who have moved into the cloud – with security and compliance at the top of their lists to address. Learn more from experienced Google Apps customers and from Google's security chief for enterprise applications.

Please join us for a lively discussion of the security and compliance considerations for moving into the cloud.

Boise State and MWV on Evaluating the Security of Going Google
Thursday, July 22, 2010
2:00 p.m. EDT / 11:00 a.m. PDT / 6:00 p.m. GMT





Posted by Serena Satyasai, the Google Apps team

For more information on the security of Google Apps, please visit www.google.com/apps/trust
Labels: , , ,


Administrators can manage these settings on the ‘Organizations & users’ tab in the ‘Next generation’ control panel. Alternatively, organizations can mirror their existing LDAP organizational schema using Google Apps Directory Sync or programmatically assign users to organizational units using the Google Apps Provisioning API.

This feature is starting to roll out to Premier and Education edition users at no additional charge. To learn more about user policy management on Google Apps, please visit our Help Center documentation.

Posted by Adam Dawes, Google Apps Product Manager
Share on Google+ Share on Twitter Share on Facebook
Labels: , ,


However, when it comes to searching information on their corporate intranet, most users’ choices are limited. Corporate users typically have to go to a special URL or open up a special portal application to search their intranet. To alleviate this limitation, we have integrated the Google Search Appliance with the OpenSearch protocol. OpenSearch is a collection of simple formats for the sharing of search results. So for instance, integrating with OpenSearch enables accessing the Google Search Appliance directly from the browser:

Or, as shown below, you can search directly from Windows Explorer within Windows 7:

Ultimately, we are trying to provide as many options as possible to the end user. And by supporting OpenSearch, these options will increase as more platforms connect with OpenSearch.

You can immediately download this feature on Enterprise Labs, or learn more about it in our technical documentation.

Posted by Alexander Kerschhofer, Google Search Appliance team
Share on Google+ Share on Twitter Share on Facebook
Labels: , ,

Editor's Note: Continuing our “Going Google Everywhere” series, we’re pleased to welcome guest blogger Itamar Kubovy, Executive Director of Pilobolus, an innovative modern dance company that has gone Google. Itamar has been producing, writing and directing theater, dance and film since 1985 in Europe and the US. He joined Pilobolus at the beginning of 2004 as the company's first Executive Director. Last week, Pilobolus opened its 23rd summer season at the Joyce Theater in New York City, premiering new works and showcasing beloved classics. Learn more about other organizations that have gone Google on our community map.


Pilobolus is a small company with 50 people strewn all over the world at any one time. We perform 200 shows in 30 or 40 different countries each year and have two different dance companies, so each week we have people moving around the world for performances and educational activities. There are a lot of logistics and moving parts that keepPilobolus going.

We moved to Google Apps Premier Edition because we needed enterprise-level collaboration tools, without the high cost and maintenance. Most of us have iPhones and we keep track of 20 to 30 Google Calendars at a time. We also use Google Docs to manage our travel arrangements. Before moving to Google Apps, we would print out piles of travel itineraries that constantly kept changing. We estimate we are saving about 12,000 pieces of paper a year with Google Docs, if you consider that each dancer had about 10 pages of printed travel instructions for each venue!

So much of the information we need to share is visual – rehearsals, performances, and such. It used to be difficult to share visual information when performances were kept on videotape. There was typically just one tape floating around, and if we wanted to share it with a choreographer or other dancers somewhere else, itwasn’t easy. Now, we upload all of our performances onto Google Video for business , part of the Google Apps Premier Edition suite. We have found that there is a lot more discussion happening, and we’ve been able to collaborate in real-time with choreographers and artists all around the world.

In one instance, we worked with a couple in Tel Aviv who was helping us choreograph a new dance. The woman of the couple was due to have a baby any second and couldn’t travel. From a studio in Florida, we were able to collaborate together with the team in Tel Aviv using video streams of the rehearsal over Google Video. The power of Google Video for business for global collaboration is dramatically changing the way we work together and collaborate. It's so important in terms of communicating what went right or wrong, pinpointing a weak link in the performance, communicating changes to the choreography, or in asking questions of choreographers located in different places around the world.

Video is a great collaboration tool when it comes to rich media – it’s the way we bring together a team that is spread all over the world.Google's tools have definitely made it easier to put our best foot forward!

Posted by Serena Satyasai, Google Apps Marketing
Share on Google+ Share on Twitter Share on Facebook


Spam and virus volumes this year have continued their upward trend. Q2’10 has seen a sharp 16% increase in spam volume over Q1’10. Virus traffic has moderately increased 3% increase this quarter, however Q2’10 virus was 260% higher than Q2’09. These trends tell us that the spammers are still extremely active, and their botnets produce high levels of spam and virus traffic.

By the by numbers
Spam volume shot up 16% from Q1’10 to Q2’10. Overall, however spam levels are down 15% from Q2’09.

Virus volume grew quickly at the beginning of the quarter, shooting up 90% from March to April, but then quickly dropped off. We saw only a modest 3% uptick from Q1’10 to Q2’10 at the aggregate level. Compared to Q2’09, this represents a 260% increase.

One interesting trend we noticed is size of individual spam messages rising 35% from Q1’10. This points to the fact that spammers are sending more image-based spam, as well as viruses as attachments.

New methods of attack
We have also seen a recent surge in obfuscated (hidden) JavaScript attacks. These messages are a hybrid between virus and spam messages. The messages are designed to look like Non Delivery Report (NDR) messages, which are legitimate messages, however they contained hidden JavaScript which in some cases tried to do things the user may not have been aware of.

In some cases, the message may have forwarded the user's browser to a pharma site or tried to download something unexpected, which is more virus-like. Since the messages contained classic JavaScript which generates code, the messages could change themselves and take multiple forms, making them challenging to identify.

Fortunately, our spam traps were receiving these messages early, providing our engineers with advanced warning which allowed us to write manual filters and escalate to our anti-virus partners quickly. In addition to this, we updated our Postini Anti-Spam Engine (PASE) to recognize the obfuscated JavaScript and capture the messages based on the underlying code to ensure accuracy.

The classics
Although they’ve added a few new tricks to their bag, spammers continue to exploit tried and true techniques, including:

• False Social Networking Messages
Social networks continue to be one of the most frequently spoofed domains for the purpose of spreading phishing scams and virus downloaders. These messages do not actually come from social networks but look similar to legitimate social networks messages. Such messages often contain links to external websites which contain malicious content and/or attempt to harvest user login information. The Postini Anti-Spam Engine is very good at detecting such messages, but users should always be cautious when handling messages from popular social networking sites.

• Current events
As always, spammers continue to spoof major news stories, and this quarter, we saw an increase in spam involving the World Cup. Here is one example of a virus downloader that our spam filters caught:

• Shipping scams
The shipping scam is a favorite of spammers. This quarter we saw a more wide spread outbreak of messages claiming to be from major shipping companies because spammers get a higher success rate with these type of scams. The subject for the message made it look like an invoice and the message body contained random text such as news stories that did not look particularly "spammy." Each message had an attached zip file that presumably was intended to contain some sort of virus payload; however, the data was corrupt and did not pose any actual threat.

Stay safe from phishing scams
With the global economy continuing to lag, we have seen a continued upswing in “friend-in-need” phishing attempts, where hackers break into the email account of unsuspecting users and then hand-type a message to send to the victim’s email contacts.

The most common message told a story of the person being mugged while traveling abroad and requesting money to be sent to them in order to help them get home. The hacker is preying on the generosity of the victims friends in the hopes that one or more of them will send money to them. These messages can be difficult for spam filters to identify since they are hand typed and not sent in bulk. It goes without saying, but be wary of emails requesting money – regardless of the sender.

In response to these outbreaks, our engineers have released several updated filters to combat new spam waves.

Conclusion
Spam volume fluctuates in the short term, but overall, for the last 3 quarters spam volume has been relatively flat. Spammers continue to exploit techniques that have proven results, but as we have seen with obfuscated JavaScript attacks spammers are always experimenting with new techniques to stay ahead of security measures. Google Postini Services customers are protected from the brunt of these increases in spam volume.

For more information on how Google’s security and archiving services can help your business stay safe and compliant, please visit www.google.com/postini.

Posted by Adam Hollman and Gopal Shah, Google Postini Services team

Share on Google+ Share on Twitter Share on Facebook
Labels: , ,


For the last three years the State of Louisiana has provided our first responder community a secured access to Federal, State and local geospatial data and high resolution imagery of Louisiana through a Google Earth Enterprise client. In preparation of hurricane season, Louisiana is pleased to announce that we have launched the first public version of a Google Earth Enterprise platform.

Louisiana Earth was released as part of the state's "Get a Game Plan" campaign, to assist citizens in creating evacuation plans by providing access to all of the states evacuation routes, sheltering points historical hazard data and other information that is essential during an evacuation such as locations of and available occupancy of hotels, gas stations, pharmacies, grocery stores, veterinary clinics and banks.

Louisiana Earth will also serve as a mechanism to relay critical data during disasters to help inform the public on the status of response and recovery efforts. Using the Deepwater Horizon Rig incident as an example, there is existing data that Louisiana is making available which includes the latest oil sightings from aerial observations, oyster bed closures, as well as critical environmental data such as bird nesting areas.

During hurricanes and other natural disasters, Louisiana will be able to provide information such as the location of points of distribution (PODs), food stamp offices, unemployment claims offices, disaster recovery centers as well as the status of parishes' power outages as an example.


Finally, while the primary purpose is to utilize Louisiana Earth as a mechanism to provide critical data during emergencies, it will also be utilized to promote Louisiana. We will constantly be adding data that the public can use to take advantage of the many activities and events, such as festivals, that are available in Louisiana.

Louisiana Earth already has information on all of the state parks which consists of lodging accommodations, hiking trails, and camping sites. Historical data and cultural events will also be included and will continue to be updated.

To access Louisiana Earth, go to laearth.la.gov.

Posted by Natasha Wyatt, Google Earth and Maps team
Share on Google+ Share on Twitter Share on Facebook
Labels: ,

Labels: ,


Geospatial visualization of multiple streams of data has been critical to the defense and intelligence communities for a long time. Whether it’s showing aircraft flying around, soldiers taking a hill or different types of intelligence – seeing it on a map has been key to understanding a conflict.

In the second World War, the allies used maps with little models to show units, and moved them with poles to update their locations. With modern radar and GPS systems, things are a bit more sophisticated, but much of the mapping functionality has lagged behind. Many of the currently deployed command and control (C2) systems use flat, two-color vector maps with triangles showing units.

Visualization of AWACS plane in Google Earth

BlueSpace and AWACS
Before BlueSpace engaged them, AWACS was already actively working with 3D visualization. AWACS is the US Air Force Airborne Warning and Control System: a forward deployed radar platform (the planes with big spinning discs on top). The vision of the AWACS program has been to move away from a black screen with green triangles on it, and move towards a more visually rich C2 environment for operators that can show the terrain in which they are working.

How has BlueSpace helped? Well, we have focused on two problems – high quality, real-time visualizations and creating a Unified Operating Picture.

High Quality, Real-time Visualizations
The first problem is creating a much more "real" view of the battle theater, with 3D models moving around in real-time based on input data feeds giving latitude and longitude references for units. Our design goal was to create something more like a real-time video game using Google Earth's richness of graphics and capabilities.

BlueSpace is demonstrating its Multi-Level Security Command and Control (MLS C2) application at 5 different locations for the Coalition Warrior Interoperability Demonstration (CWID), a joint exercise between the US, UK, Canada, Australia and NATO (among others) to help find and prove technologies and systems that can help better orchestrate coalition warfare. For the exercise, BlueSpace worked with its partners to model around 100 units including aircraft, ground units and boats and of these units move around in real-time based on data feeds being fed to the application.

You can take a look at some of the interface, captured from Google Earth in this unclassified video: http://www.bluespace.com/mlsc2.html

A Unified Operating Picture
Wars used to be fought by relatively small numbers of allies, with each nation focused on a particular theater. As warfare has evolved over the last two decades, the reach of aircraft, missiles, satellites etc. have blurred lines between the different services and often between nations.

MLS C2 User Interface using Google Earth Enterprise
for geospatial visualization of ground, air and sea units

Right now, the NATO configuration of the AWACS planes can have up to 14 different screens on each AWACS aircraft – one for the US aircraft, one for the British, one for the Canadian, one for the German, etc. So when something new comes up on radar, operators may have to look at up to 14 screens to figure out what is going on.

BlueSpace has taken these separate pictures and consolidated them into a single Unified Operating Picture (UOP) that spans all the different networks, providing one Google Earth environment, with all the units in that environment, no matter which nation or service they serve. This means an operator on an AWACS plane only has to look at one screen to see what is happening – a vast improvement.

Google Earth's extensive capabilities allow an operator to fully utilize this unified operating picture to see terrain, roads, etc. in their relation to the plotted units. In addition, Google Earth's full camera controls provide the viewing flexibility necessary to interact with those units.

BlueSpace and Google
We see a great future for Google Earth Enterprise in our C2 system. Being able to see the helicopter, visually recognize its type immediately and see which mountains are next to it when the pilot calls in, “I’m taking fire from the ridge on the left” makes a big difference in a real fight. Doing all of that across many different security domains in a Unified Operating Picture that spans multiple networks – that’s a game changing capability.

Posted by Natasha Wyatt, Google Earth Enterprise team











Share on Google+ Share on Twitter Share on Facebook
Labels: , ,


Posted by Steven Bazyl, Google Apps Marketplace team
Share on Google+ Share on Twitter Share on Facebook
Labels: , , ,