Using GMail for Scanning

This is sort of a general security question I am throwing out to all you experts because I am about to go off on a vendor.

Last week, we had @ 20 Printer/Scan/Fax machines (the big ones) replaced under a new contract with a new vendor. We with IT provided them IP addresses to use and the company did the rest of the config. Today we discovered that all of their scanning features are configured using Gmail, pushing the scans via an account we don't have access to because I don't know the password. I consider this a HUGE security risk.

My problem is that Google archives everything sent through its service. There's no telling what info is on those scanned documents, including personal info like social security numbers, private medical info, police evidence (we are a city government), and so on. Also, this vendor could access the Gmail account and look at all our scans.

Has anyone else run into this practice? If so, what are your thoughts on it? Am I overreacting or are there a lot of potential problems that could arise by using Gmail instead of our internal Exchange server?
William Fulks, Systems Analyst & Webmaster, Asked:

Tom Cieslik, IT Engineer, Commented:
Yes, you should change the settings and re-route traffic through your internal Exchange server as soon as possible.
Make some user (let's say named faxservice, with a complicated password) and allow all your machines to send through relay on your server.
That way you'll have control over your service and some logs. Also, you can decide if you want to keep a copy of all sent documents in this special user's sent box.

William Fulks, Systems Analyst & Webmaster, Author Commented:
Tom, that's exactly what I did. We already had some individual accounts set up for specific scanners so I made a generic scanner account for the rest just to get them off Gmail. I can't believe the vendor did this. Also, I tried accessing that Gmail account and could not get into it. The backup authentication is tied to a cell phone!
fred hakim, Retired IT, Commented:
Have this vendor redirect these devices in house (as mentioned above) immediately. These docs may contain sensitive data and your company is responsible and liable for its protection.

Also demand immediate access to the Gmail account(s) associated with those devices. The data is certainly stored there and it belongs to you. Then find everything and delete it, then delete it again from the Gmail trash folders. At that point it's disassociated from the Gmail account, but copies still reside in backups for about 60 to 90 days. The data sectors where they lived will of course still hold the data images, but access to those disks would be needed to recover them, and given the tremendous activity on Gmail servers, it should be overwritten within minutes, days or weeks anyway.

Next you have the issue of cache on the devices.  Certainly some data remains there. So, if you decide to throw this vendor out you need to address residual data cached in devices before they are removed.
I've seen vendors that will generically use Gmail because they don't have someone available to provide them the information needed to configure the appropriate mail server. At prior places where I've worked when I was present, they did it simply because I was not going to disclose login information to them (some of them were in such a rush to be out they didn't want to take a moment for me to simply input the information and wanted to simply prove that it worked). However, since I at least knew what they had done, I could correct it immediately.

Lesson learned: there was a communication fail at multiple points. The vendor didn't ask you how you were going to use the scan/email features BEFORE deploying the machines, in which case there would have been an opportunity to properly communicate (this is a common fail; generally they will only check if you want the features). Secondly, since nobody from IT was present (I assume) at the time of deployment, there was no way for the vendor to have the mail server information. (I presume Facilities was present, and we know they wouldn't have mail server information.) Lastly, Facilities (most likely) didn't attempt to contact IT, which would've been sort of a last line of defense. For the future, I'd make sure that someone from IT is present for things with a technical touchpoint like that. (Being available doesn't count because the person who was present could still neglect to call.)

But to answer your actual question, I concur with getting things set up through Exchange ASAP, which you've already done. Additionally, if you contact the vendor, they should be able to get you in touch with the technician who set up your printer if they still work there (the usage of Gmail like that is always a technician decision, not a corporate one). That person may still remember the password. Then you can empty out the mailbox. And from that point, what Fred has mentioned applies.

However, if the technician is no longer with the company, you'd then have to hope that the cell phone number is still with the vendor. Otherwise, you're basically SOL. However, I'd consider your concerns legitimate for the reasons you've mentioned. You don't want confidential data or PII to be floating out there, especially in a scenario where you have no way to check and delete it. Would've been a different issue had the agency you're with chosen to use Gmail for work email, in which case you still would've made sure it was a city government account, not a generic Gmail account.
William Fulks, Systems Analyst & Webmaster, Author Commented:
Thanks for the input!
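
A way to confirm the move off Gmail that this thread settles on, as an added example that is not part of the original posts: the script reads firewall flow records and reports every scanner that still attempts mail delivery to anything other than the in-house relay. The log format, the scanner range, the relay address and the external address are all constructed assumptions.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# All values below are constructed for illustration (assumptions, not from the thread).
SCANNER_NETS = [ipaddress.ip_network("10.20.30.0/27")]   # range IT handed to the vendor
INTERNAL_RELAYS = {ipaddress.ip_address("10.20.1.25")}   # in-house Exchange relay
MAIL_PORTS = {25, 465, 587}                              # SMTP, SMTPS, submission

# Constructed flow-log sample: time,src_ip,dst_ip,dst_port,action
SAMPLE_LOG = """\
2024-05-01T08:00:01,10.20.30.5,203.0.113.25,587,allow
2024-05-01T08:00:07,10.20.30.6,10.20.1.25,25,allow
2024-05-01T08:01:12,10.20.30.5,203.0.113.25,587,allow
2024-05-01T08:02:30,10.20.30.9,203.0.113.25,465,deny
2024-05-01T08:02:31,10.20.30.9,10.20.1.25,25,allow
2024-05-01T08:03:00,10.20.99.4,203.0.113.25,587,allow
2024-05-01T08:03:05,10.20.30.7,198.51.100.80,443,allow
garbage line without enough fields
"""

def is_scanner(ip):
    return any(ip in net for net in SCANNER_NETS)

def external_mail_flows(log_text):
    """Return {scanner_ip: {"external": {(dst, port): count}, "uses_relay": bool}}
    for scanners that attempted mail delivery to anything but the internal relay."""
    seen = defaultdict(lambda: {"external": defaultdict(int), "uses_relay": False})
    for row in csv.reader(io.StringIO(log_text)):
        try:
            _, src, dst, port, _action = row
            src, dst, port = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
        except ValueError:
            continue  # malformed line: skip rather than abort the audit
        if not is_scanner(src) or port not in MAIL_PORTS:
            continue
        if dst in INTERNAL_RELAYS:
            seen[str(src)]["uses_relay"] = True
        else:
            # Denied attempts count too: the device is still configured wrong.
            seen[str(src)]["external"][(str(dst), port)] += 1
    return {ip: {"external": dict(v["external"]), "uses_relay": v["uses_relay"]}
            for ip, v in seen.items() if v["external"]}

if __name__ == "__main__":
    for ip, info in sorted(external_mail_flows(SAMPLE_LOG).items()):
        print(ip, info)
```

A device reported with `uses_relay` set to `True` is only partly migrated: one of its send profiles points at the internal server while another still points outside.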