Privacy

The Snowden Leaks One Year Later: Key Lessons Cloud Providers Learned

Grazed from eWeek. Author: Chris Preimesberger.

The period of eight days from June 5 to June 12, 2013, was monumental in the history of data security. The timeline: June 5, 2013: The Guardian reports that the U.S. government has obtained a secret court order that requires Verizon to turn over the telephone records of millions of Americans to the National Security Administration. June 6: The Guardian and the Washington Post disclose the existence of PRISM, a program that allows the NSA to extract the details of customer activities—including "audio and video chats, photographs, e-mails, documents" and other materials—from computers at Microsoft, Google, Apple and other Internet companies.

June 9: The Guardian and Post disclose former Booz Allen IT specialist Edward Snowden as their source for the intelligence-related leaks. June 12: The South China Morning Post publishes an interview with Snowden in which he says that U.S. intelligence agents have been hacking networks around the world for years. The U.S. IT industry then went on the defensive amid concerns that customers would shift their hosted data and services to providers in other parts of the world. U.S. businesses ostensibly stood to lose up to $180 billion, according to Forrester...

Are Cloud Providers Facing A Backlash Over Continued NSA Revelations?

Grazed from CloudTweaks. Author: Daniel Price.

Edward Snowden, the NSA, Heartbleed – it seems every technology story at the moment is in some way linked to these topics. Whether or not you believe that the NSA was directly involved in the Heartbleed security flaw, it is apparent that cloud customers around the world have been rattled by the disclosure of mass government surveillance and security leaks. What affect have these revelations and worries had on United States-based cloud providers?

Contract Cancellations

A Cloud Security Alliance (CSA) survey found that ten percent of non-United States companies cancelled contracts with American service providers following the admission of the NSA spying program in the middle of 2013.Worryingly for those providers, the survey also found that a massive fifty six percent of respondents are now reluctant to work with any US-based cloud service. Only thirty percent of those surveyed said that ‘spygate’ would have no impact on their use of cloud services...

Cloud Computing: Google Faces Pressure for Scanning Student Gmail to Mine for Ads

Grazed from eWeek.  Author: Todd R. Weiss.

SafeGov.org continues to ask Google questions about its past scanning of Gmail messages that used data mining to serve up ads to Google Apps for Education users.  Opponents of Google's recent practice of scanning Gmail messages to help target advertisements to Gmail users continue to pressure the search giant on the issue.

The latest salvo comes from Jeff Gould, the president of industry group SafeGov.org, who launched an angry attack on Google in a May 15 blog post after Google described its Gmail-scanning activities in a recent blog post...

NSA revelations make cloud users wary

Grazed from WhaTech. Author: Editorial Staff.

A survey of 1,000 ICT decision-makers in France, Germany, Hong Kong, the UK and USA undertaken by Japanese telco NTT Communications (http://nsaaftershocks.com) saw 88 percent of respondents saying they were changing their cloud buying behaviour. Thirty one percent said they were moving data to locations where they knew it would be safe.

“ICT decision-makers now prefer buying a cloud service which is located in their own region, especially EU respondents (97 percent) and US respondents (92 percent),” the report said. “Fifty two percent are carrying out greater due diligence on cloud providers than ever before and 16 percent are delaying or cancelling contracts with cloud service providers.” It added: “More than four fifths (84 percent) feel they need more training on data protection laws.”...

Selling cloud computing to government: beyond the privacy and security debate

Grazed from TheLawyer. Author: Caroline Atkins and Katherine Armytage.

Cloud computing is a major trend in today’s ICT environment. However, unlike participants in some other sectors, governments in the Asia-Pacific region have been slower to take up the significant financial benefits that this technology stands to offer. One major reason for this is the concern about privacy and security, which has received much attention from commentators to date.

However, as the technical issues needed to ensure adequate privacy and security of cloud solutions are gradually addressed and resolved, and governments become more convinced that cloud computing is a viable option for at least some of their ICT needs, it is becoming apparent that there are other contractual issues acting as barriers to the successful uptake of cloud computing by governments...

Cloud Computing: The 3-Places Rule For Secure Digital Files

Grazed from gillmckerrow.com.  Author: Jeremy Harris.

It came from my daughter, who heard it from one of her lecturers. She’s studying film and television at university. And of course, everything in film and television is digital these days.  I immediately thought about our approach to software (particularly cloud-based applications), and realised the same principle applies.

So much of what we do today is digital. And it makes whatever we’re doing—photography, communications or even accounting—quick and easy.  But where is the information being stored? Do you have a backup? Where is it? And how quickly and easily can you access it?  Let’s look at a few different scenarios, starting with one close to home…

Virtustream's Cloud IaaS Now HIPAA-compliant

Grazed from TalkinCloud. Author: Editorial Staff.

Cloud services provider (CSP) Virtustream is now Health Insurance Portability and Accountability Act-compliant (HIPAA-compliant), and its cloud infrastructure-as-a-service (IaaS) meets the federal standards for breach notification, privacy and security in healthcare records management.

"Security of our client's data and environments is Virtustream's top priority," Pete Nicoletti, Virtustream's chief information security officer (CISO), said in a prepared statement. "Healthcare enterprises and other clients with HR and medical records can confidently select our services knowing that we have the proper controls in place to safeguard their information."...

US court: cloud companies must hand over ALL data on demand, regardless of where it is held

Grazed from Computing. Author: Graeme Burton.

Internet and cloud companies must turn over all information to US government agencies on demand, regardless of where the data is held. That is the landmark judgment by US Magistrates court judge James C. Francis in a judgment against software giant Microsoft. It follows moves by Microsoft to quash a search warrant that sought the contents of emails of a customer, whose data was held on a server physically located in Ireland.

"Microsoft contends that courts in the United States are not authorized to issue warrants for extraterritorial search and seizure, and that this is such a warrant. For the reasons that follow, Microsoft's motion is denied," wrote Francis in his judgment. He continued: "On December 4, 2013, in response to an application by the United States, I issued the search warrant that is the subject of the instant motion...

Cloud Computing: Does Data Need to Go Overseas?

Grazed from Utilizer. Author: Editorial Staff.

Recent reports on NSA spying have eroded trust in US-based cloud providers. This is especially true for non-USA-based customers that use cloud services offered by US companies. They see using an American cloud provider as a risk because they assume their data could be accessed by the NSA and other government organizations. This perception has caused companies such as Google, AT&T and Cisco to lose non-US business.

The Snowden leaks spotlighted the risk. The information that was leaked revealed that some of the biggest cloud providers had their users’ data accessed by the NSA, including Google and Yahoo. In some cases, this happened with the companies’ knowledge and in others, without...

Cloud World Forum Examines Security, Privacy and Regulation of The Cloud

Grazed from RealWire. Author: PR Announcement.

As the adoption of cloud computing continues to grow across the world, security, privacy and regulation of data in the cloud are becoming more prominent and relevant than ever before. This year's Cloud World Forum conference and exhibition will provide a platform for leading solution providers and delegates across multiple industries to examine the risks, and explore the solutions to these growing concerns.

In a recent report by cloud security specialists Sky High Networks[1], nine out of ten cloud services put European businesses at risk. The report analysed one million users across 40 companies and found that enterprises use an average of 588 cloud services of which only 9% of those services in use provide enterprise-grade security. This brings to the fore concerns surrounding the regulation of privacy in the cloud...