API Journal Authors: Ruxit Blog, William Schmarzo, Elizabeth White, Yeshim Deniz, Derek Weeks

Blog Feed Post

Google Apps Assassinated My Domain – BEWARE!


I’ve been a long-time user of Google Apps and have recommended it to dozens of colleagues and associates. I currently use both the Standard (free) and Enterprise (paid) version of apps for several very high profile and long-standing domains. I’ve always considered it to be a reliable and cost-effective option for providing core email, calendar, and other services. However, I’ve recently fallen victim to activity by Google that demonstrates how an enterprise is placing their operations at risk if using Google Apps for their domain.

The first indication that there was a problem was an error message on my iPhone indicating that the password was incorrect for the domain in question. Since the password hadn’t been changed recently, I decided to investigate from my desktop by trying to log into the account. I was greeted with a message that stated “This account has been disabled” and a recommendation to change my password if I was having problems.

I followed the process for changing the password successfully and attempted to log in again. “This account has been disabled.” I consulted Google and found no helpful forum or blog postings on how to resolve this issue. I searched for a way contact Google associated with this issue. No luck. There is an option to obtain dial-in support, but that requires access to your account PIN and since I couldn’t log into the Apps admin panel, I couldn’t obtain the PIN. If you call Google Apps support, there is no way to proceed without the PIN.

I decided to post a message on the support forum for Google Apps. After ten days, there were no replies from other users or “advisors” from Google despite my attempt to bump the thread.

So let’s recap the impact to the domain after more than 7 days:

No email – not only could I not send and receive email, when folks tried to email me they got a hard bounce (account disabled). It is one thing to disable access to email, but bouncing email is catastrophic as communications completely fail instead of being queued in the inbox until the issue is resolved.

No App services – Calendar, Docs, Drive, and all Google App services are completely blocked. These are not critical for this domain in particular, but would be high impact if denied for some of my other domains.

Things were starting to get desperate. What could I do to restore email? Migrate the MX entries to another provider?

Ninety-six hours later, still no resolution. I’ve deliberately delayed migrating to another service provider so that I could provide an accurate perspective and timeline for this blog post, but it would appear that Google had successfully denied service to the business with no way to seek resolution.

I’d searched my email for this domain and the back-up email associated with the domain. There had been no correspondence from Google indicating an issue with the domain or an attempt to notify me of an impending or enacted disabling of the account. Google App services on the domain were killed with no explanation and no recourse.

In desperation, I decided to try and social engineer my way to support. I dialed in and entered the PIN from another one of my domains and once I got a human on the phone explained my issue. They promised they would look into it and call me in a few hours. I gave them my home and mobile numbers and made them promise to call back before hanging up. You guessed it, no call back. During that dial-in process, I was able to get a trouble-ticket issued so after a day I emailed Google Apps support in reference to that trouble ticket. Within a few days I had elevated it to a senior support person who suddenly emailed me a resolution:

“I have reviewed you case and can see that your account was incorrectly disabled due to an internal issue which our technical team has now resolved.

Therefore I have gone ahead and re-enabled your account and you should now be able to log in to use Google Apps.

I am sorry for the inconvenience caused. I understand that you were without access to the Google Apps services and I really appreciate your patience whist we have worked through this issue.”

The problem is now fixed, but not without significant impact to the domain in question and no explanation from GOogle as to how an “internal issue” can disable a business for over a week.

If you are currently using Google Apps for your domain, or considering the service, I would recommend you be aware that you are placing your livelihood in the hands of Google, which has no incentive to provide reliable services or support. Google can disable your domain services at their sole discretion with no recourse other than to move to an alternative service provide and social engineer a resolution that took over a week to resolve.

I’ll be looking at Rackspace and Microsoft as alternative service providers and appreciate any recommendations you may have regarding your experiences with those services.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@ThingsExpo Stories
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
Virgil consists of an open-source encryption library, which implements Cryptographic Message Syntax (CMS) and Elliptic Curve Integrated Encryption Scheme (ECIES) (including RSA schema), a Key Management API, and a cloud-based Key Management Service (Virgil Keys). The Virgil Keys Service consists of a public key service and a private key escrow service. 

Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
Amazon has gradually rolled out parts of its IoT offerings, but these are just the tip of the iceberg. In addition to optimizing their backend AWS offerings, Amazon is laying the ground work to be a major force in IoT - especially in the connected home and office. In his session at @ThingsExpo, Chris Kocher, founder and managing director of Grey Heron, explained how Amazon is extending its reach to become a major force in IoT by building on its dominant cloud IoT platform, its Dash Button strat...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessi...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
Fifty billion connected devices and still no winning protocols standards. HTTP, WebSockets, MQTT, and CoAP seem to be leading in the IoT protocol race at the moment but many more protocols are getting introduced on a regular basis. Each protocol has its pros and cons depending on the nature of the communications. Does there really need to be only one protocol to rule them all? Of course not. In his session at @ThingsExpo, Chris Matthieu, co-founder and CTO of Octoblu, walk you through how Oct...
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
One of biggest questions about Big Data is “How do we harness all that information for business use quickly and effectively?” Geographic Information Systems (GIS) or spatial technology is about more than making maps, but adding critical context and meaning to data of all types, coming from all different channels – even sensors. In his session at @ThingsExpo, William (Bill) Meehan, director of utility solutions for Esri, will take a closer look at the current state of spatial technology and ar...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
The IoT industry is now at a crossroads, between the fast-paced innovation of technologies and the pending mass adoption by global enterprises. The complexity of combining rapidly evolving technologies and the need to establish practices for market acceleration pose a strong challenge to global enterprises as well as IoT vendors. In his session at @ThingsExpo, Clark Smith, senior product manager for Numerex, will discuss how Numerex, as an experienced, established IoT provider, has embraced a ...
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, will discuss why and how ReadyTalk diverted from healthy revenue an...
SYS-CON Events announced today that Hitrons Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Hitrons Solutions Inc. is distributor in the North American market for unique products and services of small and medium-size businesses, including cloud services and solutions, SEO marketing platforms, and mobile applications.
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 7-9, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and ...
SYS-CON Events announced today that Streamlyzer will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Streamlyzer is a powerful analytics for video streaming service that enables video streaming providers to monitor and analyze QoE (Quality-of-Experience) from end-user devices in real time.
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.