How does the security aspect work? Typically in the corporate environment, accessing files requires a VPN and then they usually require things like a special firewall and anti-virus.
Are any of these security measures possible from Google apps?

If the security aspects are handled this can be useful ...

I am interested in getting more information about the security aspect of this implementation as well.

Seems to me that all gov files are going to be stored in Google's site?

As for the security implementation, you can use anything you want for Google Apps authentication as long as its SAML compliant.

So, your SAML IdP (what does the authentication) can have plugin modules for smart card authentication as well as require the person logging in to be coming from a certain IP range (aka. your VPN subnet).

Personally, I think this is a horrible idea, but it could certainly work and still maintain the government's strict level of security.

Oh, Dear God ... what happens once they get hacked? I'm sure Gov. Palen "thought" she was secure when she was using her Yahoo account. Looks like there will be an opening in D.C.'s CTO office soon.

See Vivek Kundra as opening keynote for the 2009 GMIS International Educational Conference (see www.gmis2009.org for details) to be hosted in Newport, RI at the Hyatt Regency Spa & Resort.

This conference will be unprecedented in the government technology space!!

Is anyone else worried about this kind of thing being handled by one entity? Google is first and foremost a data mining company. In addition to being concerned about the security of the data being transferred between Google and the end user (as addressed above), I'm concerned about who would have access to our private corporate information.

I'm in the process of choosing between Google and Zimbra for our company. This is an interesting article, but I hope people do plenty of research to be sure they know what they are getting when going to Google.

Kundra cites a cost of $8 per month per user, that is an absurd $96 per person per year. No wonder he feels he is getting a bargain for $50 per person per year with Google.

Three problems. I have serious doubts about the $96 per person for email being accurate. We charge our municipal clients between $18 - $24 per year per user for email with Postini filtering and there is not forced advertising.

Second problem others have cited is government records retention requirements and security. What has Google committed to do for them in this area. Is it included in the $50 per user per year? Probably not, can you say cost overrun.

Third, I seriously doubt if all 38,000 employees have email so the cost savings over Gmail may not be as great as one thinks.

Seriously, I wish him the best of luck with this project. It is going to be a real mess if it doesn't work out.

All the talk about security problems is bogus. The fact of the matter is government agencies trust their data to contractors all the time. Google is contractor just like any other and has to abide by government regulations and contract rules.

I applaud President Obama and Vivek Kundra for their forward thinking. As Kundra said in the article, "Why should I spend millions on enterprise apps when I can do it at one-tenth cost and ten times the speed?" That is exactly what this country needs -- people who question the effectiveness of the old way of doing things, who don't just go along because that's the way "things have always been done."

If Kundra and Obama were working outside of government, they'd be applauded for their bold move, even more so in today's economic climate. The fact is, many CIOs are forced to find innovative ways to get things done with less (read: outsourcing). If not, budgets are cut and companies suffer.

Unless these emails are encrypted before being stored on google's server and only decrypted with a key on the senders' and receipients' PCs, it would seem to me that there is a serious risk that confidential, government information will be available to non-government personnel. I would have to believe that the federal governments security requirements are more stringent than Google's and that they vet their support staff more rigorously than does google. Plus, nothing prohibits google from storing these emails on servers across the world - do we really want our federal governments sensitive emails stored on a server in China???

This is absolutely absurd!