Outlook and Gmail

Tuesday’s New York Times Bits blog has an item about a product that will synchronize between Outlook and Gmail:

Cemaphore Systems, a company that specializes in e-mail backup services, is expected to announce on Wednesday a new product that allows people to automatically synchronize their e-mail, calendar and address books between Microsoft’s Outlook and Google’s Gmail. The service, called MailShadow for Google Apps, is being pitched as a “email continuity and disaster recovery solution.” In other words, it is intended to provide users of Outlook and Exchange, Microsoft’s mail server, with a secure backup. As such, it represents an interesting use of the Google computing “cloud” to provide a service for Microsoft users.

But the technology also would allow businesses to rip out their Exchange servers and run Outlook, which millions of users are familiar with, directly from the Google servers.

It’s the last bit that interests me, in particular.

First, most of that’s already there, using the Internet standards that both Outlook and Gmail support. Outlook users can access their mail in Gmail today, through the IMAP protocol that Gmail recently added support for. There are some limitations in the Gmail implementation, and an annoying bug in the handling of line-end characters (which the Gmail people are aware of and plan to fix), but it’s there. For calendar, both programs support the iCalendar standard, making it possible to move calendar information back and forth. And both allow exporting and importing vCards, so one can move address-book entries also.

There’s value, of course, in setting up a one-click synch, and perhaps that’s what Cemaphore has done.

But it’s bound to disturb corporate IT management, because employees will surely use it to bypass — intentionally or not — corporate security policies by storing corporate email, contact information, and calendar entries (with conference call-in numbers) on Gmail’s servers.

BlackBerry devices have become very popular in the corporate world, and are widely accepted in that environment precisely because they use encryption all the way through the system. Whenever any corporate data passes through a service provider, it’s encrypted... so even if you don’t trust your carrier, it doesn’t matter: they can’t get at the data anyway.

Gmail has done some things right with regard to encryption in accessing their systems: you must use encryption when you use Internet protocols in Gmail. That’s a good thing. But the encryption is only used to move the messages around. When they’re stored on Gmail’s servers, Gmail can read them. And that gives corporate types heartburn.

We’ll have to see what corporate IT management does about it.