From Europe's efforts to create regulations for data localization to worries over the security of the cloud, the leaks of the past eight months have cast a shadow over cloud providers.
RSA CONFERENCE -- San Francisco -- Last summer's revelations of the extent to which the US National Security Agency (NSA) collected data on American and foreign targets has caused rifts between global businesses that are hindering efforts to secure the cloud, said Richard Clarke, CEO of Good Harbor and a former US cyberczar, at the Cloud Security Alliance (CSA) Summit on Monday.
The steady leak of documents during the past eight months detailing the operations of the NSA intelligence collection activities has damaged both US policy efforts abroad and the business of a variety of multinational companies, especially cloud providers. Efforts to implement strong security guidelines for the cloud will have to overcome efforts by other nations to implement data residency restrictions to hinder competition, Clarke said.
"Non-US companies are using the NSA revelations as a marketing tool," he said. "There is a great deal of hypocrisy in all of this. People are suddenly amazed that intelligence agencies were collecting intelligence."
Requirements to force cloud providers to keep data in the country of origin and not allow data to transit through the US amount to technological nationalism and, worse, do not make the data any appreciably safer, Clarke said. Data hosting in Europe will be just as easy to get access to as data hosted in the US or another country, Clarke said.
Robert Lemos is a veteran technology journalist of more than 16 years and a former research engineer, writing articles that have appeared in Business Week, CIO Magazine, CNET News.com, Computing Japan, CSO Magazine, Dark Reading, eWEEK, InfoWorld, MIT's Technology Review, ... View Full Bio
Security Job #1 For FedsThe 2014 InformationWeek Government IT Priorities Survey shows federal IT pros care about security - itís rated as very important by 69% of respondents, 30 percentage points ahead of the No. 2 priority, disaster recovery. Will the upcoming NIST cyber-security framework help manage risk?