Who Watches the Watchmen?: Google Apps Governance to Protect Private Docs from Administrators
My Company is currently in the process of moving a good deal of our documents over to the Google Docs interface from the various places within our on-line HR system, which we’ll be moving away from in the beginning of 2011.
While these documents are mostly public company documents – forms, templates, etc. – there is a growing requirement for the ability to store more sensitive company information. We’re not talking sensitive financial data or anything, but department-level and project-level documents that should be accessed only by people in those respective groups.
I’m 90% of the way to a solution using group permission assignments, permission inheritance, etc., but one question remains…how do I protect those private docs from me?
While I can personally vouch for myself, there is now way for my company to guarantee that another administrator (or I, for that matter) – as administrators of the entire structure – won’t abuse our “trickle-down” admin privileges on the documents, especially if we need to administer or support them. Group-based access is great, except the admins are the ones assigning the groups.
This is a pretty big sticking point. Has anyone had experience like this with Google Docs, and if so, do you know a way that, as the Counting Crows put it, I can “keep myself away from me”?
Feel free to leave perspectives / solutions in the comments. I’ll update this post if/when I find a solution, and will certainly give credit where it’s due. :)
Leave a comment