Using GMail for Scanning
This is sort of a general security question I am throwing out to all you experts because I am about to go off on a vendor.
Last week, we had @ 20 Printer/Scan/Fax machines (the big ones) replaced under a new contract with a new vendor. We with IT provided them IP addresses to use and the company did the rest of the config. Today we discovered that all of their scanning features are configured using Gmail, pushing the scans via an account we don't have access to because I don't know the password. I consider this a HUGE security risk.
My problem is that Google archives everything sent through it's service. There's no telling what info is on those scanned documents, including personal info like social security numbers, private medical info, police evidence (we are a city government), and so on. Also, this vendor could access the Gmail account and look at all our scans.
Has anyone else run into this practice? If so, what are your thoughts on it? Am I over reacting or is there a lot of potential problems that could arise by using Gmail instead of our internal Exchange server?
Last week, we had @ 20 Printer/Scan/Fax machines (the big ones) replaced under a new contract with a new vendor. We with IT provided them IP addresses to use and the company did the rest of the config. Today we discovered that all of their scanning features are configured using Gmail, pushing the scans via an account we don't have access to because I don't know the password. I consider this a HUGE security risk.
My problem is that Google archives everything sent through it's service. There's no telling what info is on those scanned documents, including personal info like social security numbers, private medical info, police evidence (we are a city government), and so on. Also, this vendor could access the Gmail account and look at all our scans.
Has anyone else run into this practice? If so, what are your thoughts on it? Am I over reacting or is there a lot of potential problems that could arise by using Gmail instead of our internal Exchange server?
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks for the input!
Security
Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection. Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.
32K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER