Home Opinions Is NSA killing cloud?

Is NSA killing cloud?

archives2014

Much copy has been given to the Snowden revelations and there has been widespread ire at the practices of NSA and GCHQ. In fact, Yahoo has said it will switch from London to Ireland partially to avoid snooping. Taxation is also said to be playing a part here but the UK government was so concerned that it would lose intel it summoned Yahoo to a meeting.

97% of EU ICT decision-makers now prefer buying a cloud service which is located in their region (NTT)

The revelations have caused a wider wobble in cloud adoption and this is shown by a a recent report by NTT Communications (PDF). NTT surveyed 1,000 ICT decision-makers in UK and USA as well as France, Germany, Hong Kong. For example, 62% of those not currently using cloud feel the revelations have prevented them from moving their ICT into the cloud. And 97% of EU ICT decision-makers now prefer buying a cloud service which is located in their region (92% for US). 84% feel they need more training on data protection laws.

It’s important to put this into perspective. Most governments have security agencies which undertake electronic surveillance. Yes, even Ireland. Security agencies share and will continue to share data. The German security agency doesn’t feature heavily in the Snowden revelations but has also admitted it shares data. Either businesses are comfortable with their own national government snooping on them or they’re not aware of it. Last year someone admitted to me they would prefer GCHQ snooping on them rather than NSA or FBI. I still don’t understand how that makes sense.

NSA hasn’t cracked all encryption yet, but it is working on it.

Where does this leave us?

NSA hasn’t cracked all encryption yet, but it is working on it. In the meantime, there is a great opportunity for encryption and tokenisation and other obfuscation techniques to be a more prominent feature of cloud services going forward.

I agree, there remains much confusion about data protection laws and more people should be trained on it. Also, aside from security agency snooping, not enough (public) cloud providers yet deal adequately with data protection. Pick any public cloud contract and look for the exclusions of liability for loss, corruption or deletion of data.

It is reckoned the cloud market will be worth $225bn in 2015 and providers continue to invest heavily in building cloud services. For example, Google alone spent $7.3bn in 2013 and even Cisco is going cloud. Electronic surveillance isn’t confined to cloud – keeping data on premise just makes it harder. But NSA has managed that too. So staying out of cloud isn’t the answer. The EU and US have committed to improving Safe Harbor by this summer.

Don’t give up now. Cloud is about to get interesting.