Google says it is getting even more serious about cracking down on sites that spread malware or attempt to phish for private information.
That’s a move that ethical IT pros across the world are celebrating.
But while Google promises the policy won’t apply to sites that are hacked, the proof will be in the pudding. That’s because Google, like the great and powerful wizard that it is, hasn’t always made itself easy to communicate with, especially for small organizations with light — but nonetheless vital — web operations.
As Recode noted earlier this year:
“It’s nearly impossible to contact Google for help. No direct email. No phone support. Not even chat. You’re basically on your own.â€
So what happens, then, if an organization’s site gets hacked to spread malware or phish, but the hack isn’t immediately obvious to Google’s Safe Browsing team?
Theoretically, under the new rules, Google would communicate about its decision with the site through its webmaster. But that’s where smaller organizations could be in trouble. Just having a webmaster is often, after all, a privilege afforded to larger organizations — and those organizations are more likely to have networking monitoring and data security teams in place already.
This is just further confirmation of a truism that only gets more true over time: Every organization that does any sort of work online — no matter how seemingly insignificant — is going to need expert IT help at some point in its evolution.
It’s likely only a matter of time before we see reports that organizations that had no idea their sites were being used to spread malware are being shut out by Google. The question will be whether Google will be there to pick up the phone when that happens.