Ashwin Krishnan

The Cloud Has Your Data (Whether You Like It Or Not)

Cloud Cleanup Anyone?

Following on where we left off from my last two articles now we shift focus to what this data collection means to you and me and some impending regulations that presumably give us control but do they really? And if we can’t rely on regulations alone, then what can we do about it to protect ourselves?

Let’s start with the regulation GDPR that is making the rounds or all the right reasons – which for the uninitiated is ‘General Data Protection Regulation‘, a sweeping regulation that originated in the EU and impacts not just EU enterprises but every enterprise that has customers or partners in the EU – that affords controls to end customers – enterprises and individuals. Let’s focus on one such with a catchy title ‘The Right to be Forgotten’ (could serve as a good tag line for an estranged lover’s song lyrics as well) which is really the right to ask your provider to erase every digital footprint that you left behind and. On the face of it, this looks very compelling – imagine I can call Vodafone and say, ‘forget me’ and all my digital exhaust is obliterated. But is that really the case? Lets’ dig in. If every provider needs to uniquely identify each of their customers’ digital trail on a continuous basis, imagine the cost that it’s going to entail. And is it even feasible? Let me explain my skepticism. The average number of IP devices in an average US home was about 25 (laptops, smartphones, smart TVs, NEST sensors, IoE devices …) last year that is likely to double this year. And the amount of data that each of these devices is generating is also skyrocketing. So how realistic is it that providers are going to be able to keep up with this data tsunami and fingerprint these in real-time in the event that I hit the ‘Erase All’ button and they need to bring the Kleenex out?

(Source: oecdinsights)

I hope I have your attention now. So, what we are left with – as enterprises and consumers – then? As enterprises – the answer comes down to protecting your own data. And the ‘easiest’ way to do it is by encrypting everything AND keeping the crypto keys with you. The cloud providers’ response of – we can’t provide you with customized solutions or good analytics – with encrypted data is no longer valid. Good technology like ‘homomorphic encryption’ allows for data analytics even on encrypted data. So encrypt everything, and keep the keys with you. As consumers, it is more challenging. I do want Netflix to offer me a 3 month ‘All you can eat Bollywood movies’ based on my viewing patterns. But I do not want Roomba (yes, the vacuum) to snoop and collect data on me without my explicit permission. So, we fickle consumers, want the cake and eat it too! And for the right reasons. So, anonymizing everything with things like the Tor browser or obfuscating IP addresses is not for the faint of heart. And with the pervasiveness of connected pacemakers, insulin monitoring tools, connected refrigerators – all of which collect and send data to the cloud – there is no pragmatic way of obfuscating or anonymizing anything anymore. So, it really boils down to the contract between providers and consumers that needs to change. Regulation clearly helps but we – as consumers – need to become more educated individually, help our friends and family get educated and demand answers from provider’s aka grassroots activism. If you want to join in on the conversation – there is a brand-new podcast series called ‘The Moral Compass’ that I will be hosting and looking for folks who feel strongly about this subject to join me in the conversation (drop me a line). This is not easy, but pursuing anything worthwhile rarely is.

By Ashwin Krishan

Ashwin Krishnan

Ashwin is an industry expert with over two decades of experience in cybersecurity and cloud technologies. The author of “Mobile Security for Dummies”, is currently Senior Vice President of Products and Strategy at HyTrust, a late stage security startup. A recognized thought leader, Ashwin has written for LightReading.com, Virtual-Strategy.com, ITSPMagazine.com, & SiliconIndia.com. Ashwin has also spoken at a number of conferences and events including Mobile World Congress, RSA Security Conference, VMWorld, Telecom Industry Association, and Product Camp Silicon Valley.

View Website

CONTRIBUTORS

What’s Next In Cloud And Data Security For 2017?

What’s Next In Cloud And Data Security For 2017?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had ...
As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use ...
10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud More companies are turning to the cloud for storage. In fact, over 60 percent ...
Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and ...
Chris Gerva

Why Containers Can’t Solve All Your Problems In The Cloud

Containers and the cloud Docker and other container services are appealing for a good reason - they are lightweight and ...
Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in ...
What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The ...
Imminent IoT Eye-Tracking Technologies To Transform The Connected World

Imminent IoT Eye-Tracking Technologies To Transform The Connected World

IoT Eye Tracking Smelling may be the first of the perceptible senses, but the eye is the fastest moving organ ...
Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...
Cloud Computing Certification Courses

AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility Earlier this week, AWS S3 had to fight its way back to ...

NEWS

email as a service

Google Data Analysis, Artificial Intelligence and Predicting Vaccine Scares

Social media trends can predict tipping points in vaccine scares Analyzing trends on Twitter and Google can help predict vaccine ...
Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

NEW YORK, Dec. 12, 2017 /PRNewswire/ -- Deloitte forecasts double digital growth in machine learning deployments for the enterprise, an increasing worldwide ...
Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system (Reuters) - Hackers likely working for a nation-state recently penetrated the safety system of ...