Can We Ever Trust Cloud Encryption? - InformationWeek
IoT
IoT
Cloud // Infrastructure as a Service
News
9/26/2013
09:20 AM
50%
50%
RELATED EVENTS
How to Talk to Your Management about IT Security
Aug 30, 2017
This webinar will bring you some new methods for describing and measuring your cybersecurity initi ...Read More>>

Can We Ever Trust Cloud Encryption?

One consequence of the Snowden affair is a renewed interest in encrypting public cloud data. Governments and vendors are in on the act.

One consequence of the Snowden affair is a renewed interest in encrypting public cloud data. Governments and vendors are in on the act.

It looks as if the NSA has declared open season on overseas traffic and has developed capabilities for capturing huge amounts of data, including almost all intercontinental fiber traffic and mobile communications.

Needless to say, the reaction from foreign governments has been less than positive, even though their own intelligence services must have known the extent of the data gathering.

We might expect the president to issue guidelines to "clarify" what can or cannot be kept, but the reality is that even he may not know the full extent of NSA's activities. After all, this is the organization that, banned from gathering domestic intelligence, put together a shadow service called "Echelon" with the United Kingdom and others that had no such ban. By law, anything gathered by overseas agencies could be fed back to the U.S., essentially nullifying the ban.

The CEOs of the large cloud service providers (CSPs) recently met with President Obama to explore ways to mitigate what they fear will be a $35 billion loss of business due to a reluctance to trust in U.S.-based sites.

The CSPs are already in damage control mode. Following Amazon Web Services' lead, they have announced that data stored in their systems will be encrypted, with Google offering to double encrypt, once with its keyset and then with a user-owned key.

Read the rest of this article on Enterprise Efficiency.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
9/26/2013 | 7:31:39 PM
re: Can We Ever Trust Cloud Encryption?
You can't trust someone else to handle encryption, not when National Security Letters can compel silent surrender of keys. Either you encrypt your files with one of the few remaining reputable open-source algorithms and you secure the key or you're taking a risk.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll