Location:
Home » Wiki » Google Apps FAQ
Community

Google Apps FAQ

Please note: The views expressed herein have been compiled from member postings and materials and should not be considered as representing policy or opinions of EDUCAUSE, nor do they represent an endorsement of the company, products or services.

Introduction

Many higher education institutions are contemplating migrating e-mail and other IT services to outside vendors. EDUCAUSE collected and compiled the following member generated frequently asked questions concerning outsourcing e-mail services. See other FAQs; Microsoft Live@edu FAQ, Zimbra email FAQ

Join the conversation by adding to the dynamic list of questions and answers by using the Edit tab (profile login required).

Financial

How much does Google Apps for Education cost?

Google Apps for Education is free. Google plans to keep the core offering of Google Apps Education Edition free. This includes user accounts for incoming students in the future.

In what areas are institutions realizing cost savings from the move to Google?

Cost savings depend on the size of the institution and the range of services that were in place prior to moving to Google Apps.  That said, most institutions report that cost savings have largely been in the area of servers and storage. Many institutions report saving money from not having to replace or buy new servers and storage. A second area of cost savings is staff time dedicated to e-mail administration. A third area mentioned is licensing fees.

 - Our prior e-mail system was hosted externally, and we were paying $75,000/yr. for the hosting services. Costs included in our payment were for storage, AV/AS, and maintenance.

- So, doing the math, we are (will be) saving the college $375,000 minimally over a five-year period. Please note that this does take into account personnel time for maintaining/administering an on-campus e-mail infrastructure.

Can we request changes to the contract language?

Yes, most schools do add QOS language and contract termination clauses to their contracts.

Can my institution ask Google to include language assuring that data is managed in a manner compliant with my state's PII regulations?

What kind of scanning/indexing of user data is done?

User content is only scanned or indexed in the following cases to provide a high-quality service:

  • Some user data, such as e-mail messages and documents, are scanned and indexed so users can search for information in their own Google Apps accounts.

  • E-mail is scanned for the purpose of spam filtering and virus detection.

  • E-mail is scanned in order to display contextually relevant advertising in some circumstances.  Advertisements can be disabled at the domain level for Google Apps for Education customers.  See the Google Apps for Education Agreement (Section 1.6) and Google Infrastructure Security & Privacy for additional information.

Google says it does not scan or index data for any other purposes. Google scanning and indexing procedures are automated and involve no human interaction. Except when your users choose to publish information publicly, Google Apps data is not part of the general google.com index. Scanned information is not shared with third parties.

Who owns content on Google docs or in e-mails on the Google servers?

Google does not own your data. Google does not take a position on whether the data belongs to the institution signing up for Google Apps or the individual user. That's an instituional decision, but the data doesn't belong to Google:

  1. Google won't share your data with others except as noted in their Privacy Policy.

  2. Google keeps your data as long as you require them to keep it.

  3. Google believes that you should be able to take your data with you if you choose to use external services in conjunction with Google Apps or stop using Google services altogether.

What happens when data stored on Google servers is in a foreign country? Does this produce a security threat when each sovereign country has its own ownership and data-related security legislation? 

Google Response: We abide by all U.S. laws when it comes to your data, and the contract should also be pointed to for this. Google's data centers are under direct control of Google Inc, which is a U.S. company. We are committed to protecting user privacy when faced with law enforcement requests. We have a track record of advocating on behalf of user privacy in the face of such requests. We scrutinize such requests to insure that they adhere to both the letter and the spirit of the law before complying. Unless prohibited by law, we do our best to notify the subject named in any such requests in order to give them the opportunity to object. Like all law-abiding companies, we comply with U.S. laws and legal processes.

How are FERPA, HIPAA, and other privacy requirements handled when using Google Apps?

Google Health lets users store and manage medical records online. Unlike a doctor or health plan, Google Health is not regulated by the Health Insurance Portability and Accountability Act (HIPAA), a federal law that establishes data confidentiality standards for patient health information. This is because Google does not store data on behalf of health care providers. Instead, Google's primary relationship is with the user. Under HIPAA, users have a right to obtain a copy of their medical records.

The Google Health privacy policy governs what information Google Health collects and how it is used, and any violation of that policy can be enforced by the Federal Trade Commission, which takes action against companies that engage in unfair and deceptive trade practices—including violations of their privacy policies. Check out more information on Google Health and HIPAA.

There is a FERPA provision in the Google agreement.

How does the e-discovery process work in a Google Apps environment?

Google complies with valid legal process. It is Google's policy to notify users before turning over their data whenever possible and legally permissible. The Google Message Discovery service is powered by Postini. 

See the Google’s Security and Privacy Help page for more questions in this area. Other Google resources include:

The EDUCAUSE/Internet2 Higher Education Information Security Council have created a separate wiki Security Considerations for Cloud Computing.

Technical and Administrative

Active Directory Intergration?

Google Apps Directory Sync page

Authentication and Authorization

This document describes how to get started using Google's implementation of the OAuth protocol to authorize a web application's requests for access to a user's data: http://code.google.com/apis/accounts/docs/OAuth.html

Does Gmail integrate with Blackboard?

Description of early Bb/GAE integration: http://googleenterprise.blogspot.com/2009/07/building-blocks-connecting-google-apps.html

Northwestern University’s Bboogle Collaboration Tool: http://sites.google.com/site/bboogleblock

How long does migration to Google Apps take?

The Google site provides a six-week plan for integration. See Google’s e-mail migration options: http://www.google.com/support/a/bin/answer.py?answer=57920

How many FTEs does it take to complete a migration your plan?

Is the migration plan is independent of the number of users migrated?

Has anyone used (and can recommend) any of the Google Apps Marketplace vendors toexpedite/ease a migration?

What information is available regarding intergrating with SSO?

See Google’s SSO (Single Sign-On) help page.

Will my school need to do additional custom scripting/coding?

How do you incorporate campus wide automated distribution lists?

How are some schools dealing with the dual address issue netid@school.edu &first.last@school.edu?

Schools that use both an official email address and a nickname or alias can map one address to the other such that any email or document shared will work regardless of which address was used to send/share. Also, the Google team is working to build more granular control of the global directory such that administrators can determine what users see or not see (i.e. users should only see another user’sfirstname.lastname@school.eduaddress and not their netid@school.eduaddress, or perhaps for privacy purposes nothing shows up in the directory  for students.)

Should we create a separate Google Domain for adjunct email, i.e adjuncts.school.edu or create school.edu in Google and route the email between our Exchange servers and Google?

Support and Help Desk

E-mail access issues?

 |  | 
Backup and restore
Submitted by Diego Ariel Kramer (The Hebrew University of Jerusalem) on June 29, 2010 - 6:31am.

What is Google SLA regarding data restote upon user request

This content has been flagged for review
Submitted by Jiri M. Maca (University of Economics, Prague) on December 2, 2010 - 3:28pm.
This content have been flagged for review. Our moderators will review this content as soon as possible.
Re: Backup and Restore
Submitted by Kyle Johnson (Kyle Johnson Consulting) on June 29, 2010 - 7:02am.

My recollection and understanding is that this kind of backup/restore would have to be handled by a third party product (i.e. the core Google Apps doesn't provide this).  Google does provide a fee based service (based on the number of users) called Postini that archives all incoming and outgoing email.  Among other things, that product allows a user to restore one or a group of messages to their mailbox without assistance from your support folks.
 
© Copyright 1999-2012 EDUCAUSE
  Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.