Is Google Now the Lastest Enterprise Security Concern?

From Wikipedia:

Google Now is an intelligent personal assistant available for Google’s Android operating system. An extension of Android’s native Google Search application, Google Now uses a natural language user interface to answer questions, make recommendations, and perform actions by delegating requests to a set of web services. Along with answering user-initiated queries, Google Now passively delivers information to the user that it predicts they will want, based on their search habits. It was first included in Android 4.1 (“Jelly Bean”) and was first supported on the Galaxy Nexus. Popular Science named Google Now the “Innovation of the Year” for 2012.[1]

One of the nice features (pictured below) is Google Now’s ability to remind you of your next calendar appointment and when you need to leave.  

picture via

While this a very nice feature for the user, it may not be ideal for Information Security managers responsible for protecting sensitive data.  One may argue that this only happens when you use Google services (ie Gmail) but this is not the case.  If the default email account is an enterprise active sync account then Google Now will read your appointments (which may have sensitive data) so that it can provide you real time information.

As more enterprise IT departments consider allowing Android they need to be aware of applications like Google Now to make sure that they won’t cause data security issues down the road.  In a quick cursory search, none of the leading MDM (mobile device mgmt) solutions provided an option to block the Google Now app.