Google Beware: Web delivery of applications can be fraught with peril

It may not be obvious to everyone that web delivery of applications is the next big thing, but after using web based applications to run my newly launched company I am convinced it is a revolution.  Bill Gates caught on to this less than six months ago, demonstrating once again how a brilliant founder at the helm can help guide a technology company through dramatic sea changes.

Use Writely, recently acquired by Google, for creating documents and you will quickly see the power of web based applications. Use Gmail or Yahoo! Mail for email and you will discover the power of letting someone else worry about spam and email born viruses. Use Salesforce.com for customer relationship management and you will be awestruck.  This is truly the wave of the near future.

But what about security?  Is it safe to host all of your customer contact information with a third party? Your email? Your documents? And, as Google gets ready to launch Google Spreadsheet, your financials?

 I say it can be safer to use a third party than your own computers to host your applications. Certainly from a reliability standpoint it can be. System crashed? Hard drive trashed? Laptop stolen? No worries. Just log on to your account from a different computer. But what happens when the provider of that application is hacked? Data loss, or denial of service could wreak havoc with a web based service. 

So beware, Google.  Use good authentication techniques. Do not allow simple (guessable) passwords. Encrypt user data so the loss of backup tapes does not mean a fiasco. Bind the keys to the user login so that data is not discoverable by a too-intrusive governement. 

As applications move to the web do not repeat the mistakes of the host-bound software industry in neglecting security until the threats grow too large to counter.

UPDATE 9:15 AM 6-6-06.  Google Spreadsheet signup is at this address.