The Reality Of Government Intrusion Risks For Cloud Businesses

The Reality of Government Intrusion Risks for Cloud Businesses

The concerns around government intrusion in cloud stored data, especially to reveal user sensitive information are amongst the most discussed topics within the cloud community. Although the concerns are often exaggerated, there is some truth in these concerns and sooner or later a cloud service provider may receive request from government authorities to reveal information or processes that are considered private and sometimes regarded as secrets, both in personal and organizational capacities. A more serious issue is that of unwarranted snooping into data residing in cloud and several incidents of data breach from both government and private authorities are in fact unlawful.

After the passage of Patriot Act, security agencies have issued several thousand NSLs (National Security Letters) to companies such as Microsoft, Google and Amazon etc. to obtain information and private data of hundreds of users without their knowledge or consent. Some other laws, such the FISA (Foreign Intelligence Surveillance Act) applies directly to foreign nationals who have stored data in servers or cloud services residing in the U.S. and the law allows the Government to have unrestricted access to their data. The agencies have also deployed specialized infrastructure to eavesdrop on network traffic in order to obtain intelligence rendering most unprotected data vulnerable to leakage, even with the knowledge of service provider.

Hence data privacy breach from Government is a unique case of data protection which requires special measures to protect user privacy. After all, the adaptability of a cloud service by users will rely upon their confidence in the service provider for protecting their data to the same level as they would obtain for in-house storage. In fact, many users are reluctant to use cloud services because of the security breach concerns and the threat of losing control over the data. Additionally, some cautious administrators believe that if the government can spy on their data, so can criminals, making it crucial to add protection layers.  Hence, it is important to make any intercepted data useless for hackers and robust data monitoring and threat detection techniques are needed to be deployed as part of an effective security framework.

Primarily, all data should be encrypted before it leaves client premises and the encryption keys must be maintained in a separate server, ideally placed in-house. A similar technique is employed by Dropbox and Google Drive services which help them secure data against network intrusions. For those requiring extra security, a local service can be used on top of cloud service application that can encrypt and maintain keys locally using cryptographic algorithms such as AES and SHA. Some software already provides such functionality such as gKrypt and SafeMonk that can ensure users against intrusion from service providers or unwarranted government involvement. However new security architectures may be required that balances information security without compromising legitimate access by government to detect malicious information.

By Salam UI Haq

Follow Us!

CloudTweaks

Established in 2009, CloudTweaks.com is recognized as one of the leading authorities in cloud computing information. Most of the excellent CloudTweaks articles are provided by our own paid writers, with a small percentage provided by guest authors from around the globe, including CEOs, CIOs, Technology bloggers and Cloud enthusiasts. Our goal is to continue to build a growing community offering the best in-depth articles, interviews, event listings, whitepapers, infographics and much more...
Follow Us!

Sorry, comments are closed for this post.

Join Our Newsletter

Receive updates each week on news, tips, events, comics and much more...

Can I Contribute To CloudTweaks?

Yes, much of our focus in 2015 will be on working with other influencers in a collaborative manner. If you're a technology influencer looking to collaborate long term with CloudTweaks – a globally recognized leader in cloud computing information – drop us an email with “tech influencer” in the subject line.

Please review the guidelines before applying.

Contributors

Cloud Infographic – Wearable Tech And Preventative Healthcare

Cloud Infographic – Wearable Tech And Preventative Healthcare

Wearable Tech And Preventative Healthcare There are so many exciting new opportunities available to utilize wearable technology in the future.  Areas such as nanotechnology disease monitoring, crowdfunding to wearable accessories are some excellent examples of the potential. Estimates vary, but appear to suggest that the market will produce between $14-50 Billion over the next few years. Included below

Ten Tips For Successful Business Intelligence Implementation

Ten Tips For Successful Business Intelligence Implementation

Ten Tips for Successful Business Intelligence Implementation The cost of Business Intelligence (BI) software goes far beyond the purchase price. Time spent researching, implementing, and maintaining your BI investment can snowball quickly and mistakes are often expensive. Your time is valuable – save it by learning from other businesses’ experiences. We’ve compiled the top ten

Knots And Cloud Service Providers

Knots And Cloud Service Providers

How Do These Two Compare? In Boy Scouts, I learned how to tie knots. The quickest knot you can tie is the slipknot. It’s very effective for connecting one thing to another via the rope you have. It was used in setting up tents, mooring boats to docks temporarily and lifting your food up into

Aggregated News

Popular News Sources

Storage Considerations for SharePoint Backups

Storage Considerations for SharePoint Backups

Storage Considerations for SharePoint Backups Wednesday, October 29, 2014 @ 9:00 am/12:00pm ET. Backup and Restore of a SharePoint environment can be a complex endeavor as the product consists of multiple components running at various tiers, each with their own backup and restore requirements. In addition, SharePoint documents are stored as Binary Large Objects (BLOBs) in

OpenDNS Deployment Leads to Twenty-Fold Decrease in Malware Infections at Hamamatsu

OpenDNS Deployment Leads to Twenty-Fold Decrease in Malware Infections at Hamamatsu

Decreases in Malware Infections at Hamamatsu OpenDNS, a leading provider of cloud-delivered security, today announced that it has enabled Hamamatsu, a Japanese manufacturer of optical sensor technologies, to virtually eliminate malware infections across its U.S. Read the source article at Finance News About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized as one of the

IBM and Microsoft – What Are They Doing With The Hybrid Cloud?

IBM and Microsoft – What Are They Doing With The Hybrid Cloud?

What Are They Doing With The Hybrid Cloud? “Microsoft is committed to helping enterprise customers realize the tremendous benefits of cloud computing across their own systems, partner clouds and Microsoft Azure,” said Scott Guthrie, executive vice president,Cloud and Enterprise, Microsoft. “With this … Read the source article at CNNMoney About Latest Posts Follow Us!CloudTweaksEstablished in 2009, CloudTweaks.com is recognized