With the prospect of government taking a peek into online data and communications, cloud service providers are kicking up security a notch to ensure privacy for clients. Will this be enough to prevent Big Brother from watching?
Businesses that have at least some reliance on cloud computing in order to share and store some of their most important documents may have a few reasons to feel unnerved about who can and cannot access them. The main cause of anxiety for many enterprises, particularly those in the US, is the potentially frightening prospect of government-sponsored snooping.
PRISM, a controversial surveillance program launched back in 2007 by the National Security Agency (NSA), has mined data from a variety of businesses and organizations. Initially set up with the aim of “fighting terrorism”, many internet service providers and cloud-based companies had found that some data which they looked after was seen by the NSA.
An “immediate and lasting impact”
According to the Information Technology and Innovation Foundation, PRISM will cost cloud service providers in the US some $21.5 to $35 billion in losses. These include costs required to ramp up security measures in their products, as well as lost revenue from customers looking elsewhere to host their data. Worldwide, the losses could be as much as $180 billion.
Earlier this year, awareness of PRISM became widespread following a series of leaks, notably those done by whistleblower Edward Snowden. Internet companies voiced their concerns straight away. For instance, Google and Facebook are known advocates against government data requests — or at least they release information on government requests to inform the public of possible intrusions.
Cloud providers, meanwhile, have started to revamp their range of products to include protection from PRISM. For instance, California-based cloud services provider Egnyte told VR Zone that worries about intrusions from government have prompted the company to revamp its cloud storage packages to better put customers’ minds at ease. Users have reportedly expressed concern about files being accessed by spies, government-sponsored or otherwise. PRISM protection is a major component of their latest product, Storage Connect, which is squarely aimed at SMEs and the enterprise market.
Storage Connect enforces color-coding in its cloud storage system to identify access levels. “Green” files are ones which can be accessed using any device at any time, “yellow” files only sporadically and red files should only be accessed from a physical server in the office. Meanwhile “red” files are kept in a purely physical server — not the cloud — thereby adding a layer of protection from potential spies.
Additionally, files stored via the cloud or on a physical server can be set for access only with direct permission from the company’s IT administrator. This is another step that can help to entirely block out anyone trying to access data by bypassing any security measures.
Rajesh Ram, co-founder and vice president of Egnyte, said that file-sharing using unsanctioned cloud services or even peer-to-peer networking poses a big risk for businesses. In a recent survey done by Harris Interactive, it has been found that about 52 percent of users “go rogue” with corporate content, by sharing these on outside networks, which can pose a big risk, especially if the data involved is sensitive in nature.
Ram therefore advises businesses to encrypt their data and ensure these are stored, shared or transmitted through secure means. This reduces the risk of malicious access, especially files that could be used for financial gain.