Can We Ever Trust Cloud Encryption? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Cloud // Infrastructure as a Service

Can We Ever Trust Cloud Encryption?

One consequence of the Snowden affair is a renewed interest in encrypting public cloud data. Governments and vendors are in on the act.

One consequence of the Snowden affair is a renewed interest in encrypting public cloud data. Governments and vendors are in on the act.

It looks as if the NSA has declared open season on overseas traffic and has developed capabilities for capturing huge amounts of data, including almost all intercontinental fiber traffic and mobile communications.

Needless to say, the reaction from foreign governments has been less than positive, even though their own intelligence services must have known the extent of the data gathering.

We might expect the president to issue guidelines to "clarify" what can or cannot be kept, but the reality is that even he may not know the full extent of NSA's activities. After all, this is the organization that, banned from gathering domestic intelligence, put together a shadow service called "Echelon" with the United Kingdom and others that had no such ban. By law, anything gathered by overseas agencies could be fed back to the U.S., essentially nullifying the ban.

The CEOs of the large cloud service providers (CSPs) recently met with President Obama to explore ways to mitigate what they fear will be a $35 billion loss of business due to a reluctance to trust in U.S.-based sites.

The CSPs are already in damage control mode. Following Amazon Web Services' lead, they have announced that data stored in their systems will be encrypted, with Google offering to double encrypt, once with its keyset and then with a user-owned key.

Read the rest of this article on Enterprise Efficiency.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
9/26/2013 | 7:31:39 PM
re: Can We Ever Trust Cloud Encryption?
You can't trust someone else to handle encryption, not when National Security Letters can compel silent surrender of keys. Either you encrypt your files with one of the few remaining reputable open-source algorithms and you secure the key or you're taking a risk.
Slideshows
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
News
Time to Shift Your Job Search Out of Neutral
Jessica Davis, Senior Editor, Enterprise Apps,  3/31/2021
Commentary
Does Identity Hinder Hybrid-Cloud and Multi-Cloud Adoption?
Joao-Pierre S. Ruth, Senior Writer,  4/1/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll