The Reality Of Government Intrusion Risks For Cloud Businesses

The Reality of Government Intrusion Risks for Cloud Businesses

The concerns around government intrusion in cloud stored data, especially to reveal user sensitive information are amongst the most discussed topics within the cloud community. Although the concerns are often exaggerated, there is some truth in these concerns and sooner or later a cloud service provider may receive request from government authorities to reveal information or processes that are considered private and sometimes regarded as secrets, both in personal and organizational capacities. A more serious issue is that of unwarranted snooping into data residing in cloud and several incidents of data breach from both government and private authorities are in fact unlawful.

After the passage of Patriot Act, security agencies have issued several thousand NSLs (National Security Letters) to companies such as Microsoft, Google and Amazon etc. to obtain information and private data of hundreds of users without their knowledge or consent. Some other laws, such the FISA (Foreign Intelligence Surveillance Act) applies directly to foreign nationals who have stored data in servers or cloud services residing in the U.S. and the law allows the Government to have unrestricted access to their data. The agencies have also deployed specialized infrastructure to eavesdrop on network traffic in order to obtain intelligence rendering most unprotected data vulnerable to leakage, even with the knowledge of service provider.

Hence data privacy breach from Government is a unique case of data protection which requires special measures to protect user privacy. After all, the adaptability of a cloud service by users will rely upon their confidence in the service provider for protecting their data to the same level as they would obtain for in-house storage. In fact, many users are reluctant to use cloud services because of the security breach concerns and the threat of losing control over the data. Additionally, some cautious administrators believe that if the government can spy on their data, so can criminals, making it crucial to add protection layers.  Hence, it is important to make any intercepted data useless for hackers and robust data monitoring and threat detection techniques are needed to be deployed as part of an effective security framework.

Primarily, all data should be encrypted before it leaves client premises and the encryption keys must be maintained in a separate server, ideally placed in-house. A similar technique is employed by Dropbox and Google Drive services which help them secure data against network intrusions. For those requiring extra security, a local service can be used on top of cloud service application that can encrypt and maintain keys locally using cryptographic algorithms such as AES and SHA. Some software already provides such functionality such as gKrypt and SafeMonk that can ensure users against intrusion from service providers or unwarranted government involvement. However new security architectures may be required that balances information security without compromising legitimate access by government to detect malicious information.

By Salam UI Haq

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

Contact us for more information on how to get involved in our content related services and placement programs.

CONTRIBUTORS

Will Chatbots Finally Make Mobile Payments Popular?

Will Chatbots Finally Make Mobile Payments Popular?

The Future of Chatbots We’ve profiled several digital wallet platforms that aim to change how we make payments. Apple, Samsung, ...
Meet GRAIL - Fighting Cancer with Big Data, AI and the Cloud

Meet GRAIL – Fighting Cancer with Big Data, AI and the Cloud

Improve Your Chances of Surviving Cancer by 5X to 10X How would you like to improve your odds of surviving ...
Using Cloud Analytics To Improve Customer Experience

Using Cloud Analytics To Improve Customer Experience

Evolution of Cloud Analytics Moving data to the cloud, once considered a strenuous task, has now become commonplace in most ...
What Is Two-Factor Authorization?

What Exactly Is Two-Factor Authorization?

What Is Two-Factor Authorization? Two-factor authorization. Most of us think we know what it is, but a recent news event ...
How B2B Ecosystems & (Big) Data Can Transform Sales and Marketing Practices

How B2B Ecosystems & (Big) Data Can Transform Sales and Marketing Practices

B2B Ecosystems & (Big) Data Managing your relationships with customers, suppliers, and partners and constantly improving their experience is a ...
Small Businesses CAN Compete Using The Cloud

Small Businesses CAN Compete Using The Cloud

Small Businesses Cloud In the past, small business owners had to either run applications or software that was downloaded physically ...
The Non-Holiday-Specific Mall For Cloud Solutions

The Non-Holiday-Specific Mall For Cloud Solutions

Cloud Solutions Mall If a mall were dedicated to cloud and cloud solutions and that mall had an Easter Bunny ...
Cloud Job Opportunities

Cloud Computing Continues To Present New Job Opportunities

Cloud Computing Job Opportunities Over the next decade we can expect many new cloud computing job opportunities to come to ...

NEWS

Tesla Set Unveil a Prototype Electric Big-rig Truck

Tesla Set Unveil a Prototype Electric Big-rig Truck

SAN FRANCISCO (Reuters) - Tesla Inc (TSLA.O) on Thursday will unveil a prototype electric big-rig truck, which may be able ...
OVH Announces New Hosted Private Cloud Offerings for US Market

OVH Announces New Hosted Private Cloud Offerings for US Market

OVH delivers next-generation services for hosted private cloud, disaster recovery, and hybridity leveraging industry-leading solutions RESTON, VA--(Marketwired - Nov 20, ...
One of Sweden's Largest Banks Selects OpenStack Cloud Provider 'City Network'

One of Sweden’s Largest Banks Selects OpenStack Cloud Provider ‘City Network’

SBAB Selects OpenStack Cloud Provider 'City Network' City Network, a leading global supplier of IT infrastructure as a service (IaaS) ...