Yes, the services offered by Postini, now under the Google brand, are a great idea. What they do for Google Apps is beyond me.I've long been a fan of software as a service, and specifically of hosted
e-mail security, and even more specifically of Postini. It's just the right way
to do this sort of thing.
Now Postini, acquired about six months ago by Google, is
offering a new set of security services bundles. They're good stuff, just
as Postini's offerings were always good stuff. In fact, that's basically what
they are. The new bundles are, more than anything else, the rebranding of
Postini services as "Google Message" services, "powered by
Postini."
It's not clear that there's anything more going on; perhaps some of the
secret sauce in Gmail's spam filtering has been incorporated into Google
Message Filtering and/or Google Message Security, but these are enterprise services,
not meant for the Gmail crowd.
There's a lot of talk going around about this being an opportunity to upsell
Google Apps to Postini enterprise customers, but I can't imagine why. There's
no particular advantage to using Google Apps that's special to Google Message
services, or vice versa.
Of course, there are other companies in the e-mail security services
business, including Microsoft
Exchange Hosted Services (formerly FrontBridge) and MessageLabs. I know from my own testing
experience that it's hard to compare them in terms of the quality of their
services. Richi Jennings of Ferris Research confirms
that it's also hard to compare their pricing on like services. My own guess is
that they all do a good job with security.
The outsourcing advantages are just so big I have to repeat them: All the
e-mail that is blocked doesn't even make it to your network. It's blocked
before it even gets to your perimeter. The service therefore also provides
protection against DDoS (distributed denial of service) to a degree. And if
your own e-mail services go down, at least some of the outsourced services will
queue your e-mail up until you're ready to receive it; I know Postini—sorry,
make that Google Message Security—does this.
And remember, as Jennings
reminds me, "Google didn't buy Postini for the spam and virus filtering.
Google already had that covered, arguably better than Postini did. The real
need was for their archiving, e-discovery and compliance services." This
is where the real Google Apps connection comes in, as those capabilities get
integrated into Google Apps.
With respect to compliance and e-discovery, these services protect you
against yourself to a degree, and it's not hard to see some companies wanting
more flexibility than that, but it's a hard argument to make out loud. I think,
rather, that using an outside service, especially one managed by a large and
credible company like Google, adds credibility to your own efforts to comply
with your legal obligations.
Am I right? I'm not a lawyer, and it's too soon to tell. But it's not too
soon to know that outsourced e-mail security is a good buy.
Security Center
Editor Larry Seltzer has worked
in and written about the computer industry since 1983.
For insights on security coverage around the Web, take a look at eWEEK.com
Security Center Editor Larry Seltzer's blog Cheap Hack.
/ 6 
