The internet is dangerous, so what if you just don’t use it? That’s the somewhat ironic recommendation that Google, one of the world’s largest internet companies, makes to its employees. CNBC’s Jennifer Elias reports that Google is “starting a new pilot program restricting some employees to internet-free desktop PCs” while they work. An internal memo seen by CNBC notes that “Googlers are often the target of attacks” by criminals, and a great way to combat that is to be off the internet.
Employees of large tech companies are a much bigger target for criminals than normal people. Technology company employees have all kinds of access to sensitive data, and compromising a single employee can lead to sensitive infrastructure being misused. Just last week, Microsoft was targeted by a Chinese espionage hacking group that somehow stole a cryptographic key to bypass Microsoft’s authentication systems, gaining access to 25 organizations, including multiple government agencies.
The report says Google’s new pilot program will “disable Internet access on select desktops, excluding Google’s internal web-based tools and websites, such as Google Drive and Gmail.” This was originally mandatory for the 2,500 employees who were selected, but after “getting feedback” we assume this is very enthusiastic feedback: Google allows employees to opt out of the program. The company also wants some employees to work without root access, which makes sense for many computer functions, but not really for developers, who are used to being able to install new programs and tools.
Getting banned from the entire Internet would be tough, but Googlers in the high-security program still get access to “Google Web Sites,” which is actually a large part of the Internet. Google Search would be useless, but you could probably live a pretty good internet life writing documents, sending emails, taking notes, chatting with people, and watching YouTube.
It would presumably still be possible to receive a virus attachment by email, but that would have to get through Gmail’s filters. Blocking the non-Google parts of the internet would prevent most phishing attacks, attempts to download malicious code, and attempts to send data to a malicious server.