Privacy

CIA claims its Amazon Web Services cloud is at ‘final operational capability’

Grazed from CloudComputing.Net.  Author:  James Bourne.

It was one of the most fascinating battles of 2013: who would win the lucrative CIA cloud computing contract? Two horses were in the race, Amazon Web Services (AWS) and IBM; and it was the former who eventually came out on top despite appeals from the latter.  Now, according to CIA chief information officer Doug Wolfe, the AWS cloud has attained “final operational capability”.

As reported by Enterprise Tech, Wolfe told delegates at an industry event this week the CIA cloud would be “offset” on a private security network, and AWS had “made a big investment” in the project.  The AWS cloud will be unleashed across 17 US intelligence agencies according to the report, with Wolfe noting the CIA was “behind where [they] hoped to be” in terms of cloud adoption...

Microsoft adopts ISO cloud privacy standard

Grazed from DataCenterDynamics.  Author: Drew Amorosi.

The privacy push continues at Microsoft, as the software and now cloud giant announced that its Azure cloud platform, Office 365, and Dynamics CRM Online have been verified by the British Standards Institute (BSI) as complying with guidelines laid out in ISO’s international standard for protecting personal information in the cloud. The company also noted that Bureau Veritas has provided the same verification for Microsoft Intune.

According to two official company blogs, Microsoft is “the first major cloud provider to adopt the world’s first international standard for cloud privacy,” and Azure “is the first cloud platform to adopt ISO 27018.”...

Cloud Computing: Hard-drive spying - Will Silicon Valley push back against NSA?

Grazed from BizJournals. Author: Greg Baumann.

Will NSA-linked hard-drive spying help Silicon Valley find its grit? One might think that the news that the National Security Agency has apparently hidden spying software on hard drives produced by Silicon Valley companies would prompt outraged calls for urgent change. Unless one looked back and saw how little has changed since initial reports that the NSA was tapping data lines and building backdoors into security protocols.

The latest disclosure, based on a report by Russian computer-security firm Kaspersky Labs and validated by Reuters reporter Joe Menn, will renew the discussion in Silicon Valley as to how much government spying impacts U.S. technology company sales. But costs mount as that discussion plays out...

Microsoft adopts international standard for cloud privacy

Grazed from PCWorld. Author: John Ribeiro.

Microsoft has adopted a new standard for cloud privacy that commits the company to protect the privacy of customers' data, not to use it for advertisement purposes, and to inform the customer of legal requests for personal data. The company said Monday it was adopting the ISO/IEC 27018, published last year by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), which outlines a common set of security categories and controls that can be implemented by a public cloud computing service provider acting as a processor of personally identifiable information.

Microsoft said the British Standards Institute had verified that both Office 365 and Dynamics CRM Online, in addition to Microsoft Azure, are in line with the standard's code for the protection of personal data in the public cloud. Microsoft Intune was similarly certified by testing company Bureau Veritas...

Do you know if "shadow IT" cloud services present a problem to your company?

Grazed from Network World. Author: Linda Musthaler.

Does your organization have a shadow IT problem? Would you even know if you did? According to the Cloud Security Alliance (CSA), 72% of respondents to the 2014 Cloud Adoption Practices and Priorities survey know the scope of shadow IT in their computing environments.

CSA defines shadow IT as “technology spending and implementation that occurs outside the IT department, including cloud apps adopted by individual employees, teams, and business units.” Nearly half of the survey respondents (49%) say their primary concern about shadow IT is the security of corporate data in the cloud...

Proposed US law could deal knockout blow to FBI in overseas cloud privacy ding-dongs

Grazed from TheRegister. Author: Iain Thomson.

The US Congress, now fully under Republican control, is getting busy with laws to protect data: two bipartisan bills appeared on Thursday that would bring the 1986 Electronic Communications Privacy Act (ECPA) bang up to date in the 21st century. The first piece of proposed legislation [PDF] is the Electronic Communications Privacy Amendments Act of 2015, submitted in the Senate by Senators Mike Lee (R-UT) and Patrick Leahy (D-VT) and in the House by Representatives Kevin Yoder (R-KS) and Jared Polis (D-CO).

The bill would require cops and the Feds to show probable cause when seeking a search warrant to rifle through people's emails and other data. (California is mulling over a similar requirement.) Under today's rules, set back when Ronald Reagan was in the White House, deem that any email can be searched, with probable cause or not, provided at least 180 days have passed since the message was sent and received...

Finding Privacy in the Global Cloud

Grazed from Brookings.edu. Author: Cameron F. Kerry.

President Obama went to the FTC a few weeks ago to address ways to protect privacy and identity in what he called “a dizzying age” of new technologies. One of the many new technologies changing the ways people interact with information is cloud computing. Whether it's Jennifer Lawrence saving intimate photos to Apple's iCloud, startups scaling up with Amazon Web services, or businesses and consumers moving their documents to Microsoft 365 or Google Docs, cloud computing is becoming a familiar part of our digital daily lives.

Cloud services offer benefits of large-scale computing, which include efficiency, scalability, security, and computing power, as well as ubiquitous access to data from an increasing variety of devices. But turning over data wholesale to someone else also comes with questions about privacy, confidentiality, security, and control...

Cloud Computing: Obama Seeks Laws on Data Hacking, Student Privacy

Grazed from ABCNews. Author: Julie Pace.

President Barack Obama wants Congress to pass legislation requiring companies to inform customers within 30 days if their data has been hacked, a move that follows high-profile breaches at retailers including Target, Home Depot and Neiman Marcus. A White House official said Obama will announce the proposed legislation Monday, along with a measure aimed at preventing companies from selling student data to third parties and from using information collected in school to engage in targeted advertising.

Obama's proposals are part of a White House effort to preview components of the president's State of the Union address in the lead-up to the Jan. 20 speech. The official, who insisted on anonymity, was not authorized to discuss the proposed legislation by name ahead of Obama's speech at the Federal Trade Commission...

Cloud companies will grapple with increasing government privacy regulations, says Porticor: 2015 Tech Predictions

Grazed from SiliconAngle.  Author: Suzzane Kattau.

In 2015, more companies will migrate their compliant data to the cloud, there will be more cloud-targeted attacks by hackers or countries, and more U.S. cloud computing companies will deal with increasing European privacy regulations. This is all according to Ariel Dan, Executive VP and co-founder of Porticor Ltd., a cloud encryption and cloud security solutions provider for enterprises and small to medium-sized businesses (SMBs).

Dan’s predictions about enterprise cloud are all part of our second annual Technology Predictions series in which industry experts share their predictions with us about the hot tech trends that they think will take center stage in 2015. We’ll be sharing all of their predictions with you over the next couple of days. Read on for more from Dan...

China to develop trust rating index for cloud vendors

Grazed from ZDNet. Author: Eileen Yu.

China is planning to rate the trustworthiness of cloud computing vendors, allowing only those with full security clearance to partake in government projects. The move could leave foreign companies out of government procurement contracts, according to a report by China Daily.

Zuo Xiaodong, vice-president of industry group China Information Security Research Institute, said: "The basic idea of the security rating mechanism is to find trustworthy hardware, software, and service providers to ensure the government has total control of the entire ecosystem."...