Cloud // Infrastructure as a Service
News
9/26/2013
09:20 AM
Connect Directly
RSS
E-Mail
50%
50%

Can We Ever Trust Cloud Encryption?

One consequence of the Snowden affair is a renewed interest in encrypting public cloud data. Governments and vendors are in on the act.

One consequence of the Snowden affair is a renewed interest in encrypting public cloud data. Governments and vendors are in on the act.

It looks as if the NSA has declared open season on overseas traffic and has developed capabilities for capturing huge amounts of data, including almost all intercontinental fiber traffic and mobile communications.

Needless to say, the reaction from foreign governments has been less than positive, even though their own intelligence services must have known the extent of the data gathering.

We might expect the president to issue guidelines to "clarify" what can or cannot be kept, but the reality is that even he may not know the full extent of NSA's activities. After all, this is the organization that, banned from gathering domestic intelligence, put together a shadow service called "Echelon" with the United Kingdom and others that had no such ban. By law, anything gathered by overseas agencies could be fed back to the U.S., essentially nullifying the ban.

The CEOs of the large cloud service providers (CSPs) recently met with President Obama to explore ways to mitigate what they fear will be a $35 billion loss of business due to a reluctance to trust in U.S.-based sites.

The CSPs are already in damage control mode. Following Amazon Web Services' lead, they have announced that data stored in their systems will be encrypted, with Google offering to double encrypt, once with its keyset and then with a user-owned key.

Read the rest of this article on Enterprise Efficiency.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
9/26/2013 | 7:31:39 PM
re: Can We Ever Trust Cloud Encryption?
You can't trust someone else to handle encryption, not when National Security Letters can compel silent surrender of keys. Either you encrypt your files with one of the few remaining reputable open-source algorithms and you secure the key or you're taking a risk.
Multicloud Infrastructure & Application Management
Multicloud Infrastructure & Application Management
Enterprise cloud adoption has evolved to the point where hybrid public/private cloud designs and use of multiple providers is common. Who among us has mastered provisioning resources in different clouds; allocating the right resources to each application; assigning applications to the "best" cloud provider based on performance or reliability requirements.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
The weekly wrap-up of the top stories from InformationWeek.com this week.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.