Government // Cloud computing
Commentary
5/2/2014
09:30 AM
Ben Young
Ben Young
Commentary
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Data Protection Fears Vs. US Cloud Market

Data sovereignty is so important to businesses that 70% would trade cloud performance for more data control, research says. Where does that leave the post-Snowden US cloud market?

decision makers will have fewer cloud vendors to choose from -- and potentially face higher prices.

Still, it's difficult to gauge how long the threat to the cloud hosting market may last. For example, 51% of respondents in our survey are still hosting data in the US, making the US the most popular host country outside their own countries. Part of the reason for this may be that people simply don't have other options. If they have a large customer base in the US, there's probably not a reasonable substitute for a US-based datacenter or hosting provider. But this may change as infrastructure in Canada, Mexico, and Brazil becomes more robust, generating cloud alternatives in the Americas that could threaten the US's position as the de facto choice for hosting.

Additionally, the US government is taking steps to scale back its surveillance activity, which could alleviate the fears of non-US cloud buyers who are still on the fence. But while President Obama has announced new restrictions on the NSA's phone-data collecting programs, it's unclear if this means change on a grander scale is coming, or if it's just a short-term fire drill to help bide time.

Has trust in the cloud (or in the Internet, for that matter) been permanently damaged? Likely not. Companies aren't abandoning the Internet or completely upending their business models, but there will be some fundamental changes in how they go about conducting certain business operations online -- for example, with choosing where and how to host their sensitive data in the cloud.

There is definitely hope for the US cloud industry if both government agencies and service providers strive to be more open, honest, and fair about where company data is located and how it's being used. Plus, privacy laws are still a mystery to many: 60% of UK and Canadian businesses agree they don't know as much as they should about data laws, and 44% feel that privacy and security laws still confuse them. This knowledge gap gives service providers an opportunity, not only to lead the discussion around data privacy, but also to educate their customers on what it means for their businesses.

Only time will tell if history remembers Snowden as a hero or a villain, and it will likely be a mix of both. Regardless, the NSA revelations have provoked a discussion around data privacy that will ultimately help improve the hosting and cloud industries on a global scale. The new tensions that have sprung up around privacy and security, even among ordinary citizens, are sending a strong message to businesses on how they should think about their and their customers' data.

Businesses should realize how accountable they are in giving customers ownership and control of their data whenever possible, and they should acknowledge their responsibility to be transparent when data is potentially exposed to third parties. Meanwhile, IT decision makers at federal agencies can follow suit and place pressure on policy makers to scale back programs that are ultimately detrimental to the efficiency and cost-effectiveness of the government itself.

The NIST cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work? Read the Protecting Critical Infrastructure issue of InformationWeek Government today.

Ben Young is General Legal Counsel at Peer 1 Hosting, where he defends, protects, and enforces Peer 1's legal and business interests, identifies risks, and finds the right solutions to mitigate them. View Full Bio

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Susan Fourtané
50%
50%
Susan Fourtané,
User Rank: Ninja
5/10/2014 | 6:21:52 AM
Re: security solution
Bob,

"One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information."

True. And thanks for sharing the link to the tracer tags site. It's very useful. It's great you got your lost laptop returned.

However, if the device is stolen instead of lost the thief is not going to contact you to return you the device. In that case, deleting your data remotedly is all that can help.  

-Susan
wkcantab
50%
50%
wkcantab,
User Rank: Apprentice
5/4/2014 | 11:03:32 PM
Raising Awareness of Data Privacy Rules for SMEs
Excellent article. Data privacy is such a key consideration when using cloud providers and your rightly point out the huge deficiency in business' understanding of the laws. This is particularly true for businesses which operate internationally and must comply with the laws where their customers reside. And "cloud" is a very broad term -- even a process such as email outsourcing can get a company caught up in needing to be aware of the relevant data privacy practices of their third-party provider.

Wendy Kennedy Esq, author, Data Privacy: A Practical Guide (April, 2014)

@wkcantab
BobH088
50%
50%
BobH088,
User Rank: Apprentice
5/4/2014 | 7:11:45 PM
security solution
One of the most common causes of data getting in the wrong hands is the loss of mobile devices that often contain a frightening amount of private information. I want to share a protection option that worked for me. Tracer tags (mystufflostandfound.com) let someone who finds your lost stuff contact you directly without exposing your private information.  I use them on almost everything I take when I travel like my phone, passport and luggage after one of the tags was responsible for getting my lost laptop returned to me in Rome one time.
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
5/2/2014 | 5:40:22 PM
Data ownership in the cloud
Is there a legal structure that could be used to grant cloud clients temporary ownership over the remote hardware they use or temporary ownership of the space their equipment occupies? This would deny the cloud provider the lawful authority to provide access to the hardware in the event of a subpoena.
Gov Cloud: Executive Initiatives, Enterprise Experience
Gov Cloud: Executive Initiatives, Enterprise Experience
In this report, we'll examine the use of cloud services by government IT, including the requirements, executive initiatives and service qualifications, and auditing and procurement programs that make government cloud adoption unlike that in the private sector.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.