Many blog enthusiasts were saddened earlier this month when they found out Google was going to completely shut down its Reader service. Initially, The Los Angeles Times said the decision was due to waning usage rates, but a report by AllThingsD shows that the company plans to axe the application because officials did not want to maintain, or likely bolster, the requisite compliance personnel to keep the popular aggregation program in line with emerging privacy mandates.
AllThingsD said the shutdown wasn't just a matter of company culture, Google was trying to become better-oriented so that it did not get into privacy and compliance hot water. The search giant also could not sell Reader, as it is too deeply ingrained with other proprietary applications.
"That means every team needs to have people dedicated to dealing with these compliance and privacy issues – lawyers, policy experts, etc," the website said. "Google didn't even have a product manager or full-time engineer responsible for Reader when it was killed, so the company didn't want to add in the additional infrastructure and staff, the sources said."
The extra data security headaches ultimately were not worth it, as AllThingsD reported there has been plenty of government push to go after Google, including a $7 million settlement with the U.S. Attorneys General after an investigation on the company's street view feature.
What companies can get from this Reader shutdown is that there should be more of an emphasis on data security regarding third-party apps. A recent report by Secunia showed that 86 percent of all vulnerabilities in 2012 were tied to non-Microsoft based applications. This has been a large jump over the past many years, as the number of third party security violations were a mere 57 percent in 2007, according to the report.
Wes Miller, a research analyst with Directions on Microsoft told CSO Online that these apps are pervasive and not as diligent about how they patch their software. There are also platform issues, as not every third party app producer is as steadfast and consistent about patches as a large scale organization might be.
"Third-party updates are more complicated," Stefan Frei, a research director at NSS Labs said, according to the news source. "You might have to reach out to 30 or 40 vendors to get updates."
Moving forward, companies need to be very careful about what third-party apps they use and make sure there is a corresponding data security measure in place .
Security News from SimplySecurity.com by Trend Micro