3 Comments

Summary:

Google acknowledges new data encryption plan to mitigate PRISM-provoked privacy fears; Aaron Levie sounds off and more in the week in cloud.

The Spy vs. Spy scenario sparked by disclosures of National Security Agency’s  data gathering practices continued late last week with news in The Washington Post that Google is encrypting user data flowing between its data centers to protect it from further incursions.  Two weeks ago Google announced that it was adding server-side encryption to its cloud storage but this appears to be an application of data encryption in transit, another part of the data protection puzzle.

That doesn’t mean that Google, (or Microsoft or Facebook or Yahoo)  or the other companies that have been named as data sources by former NSA operative Edward Snowden, won’t still have to comply with legal requests for information but it  will raise the bar making it more difficult for any party — a government agency or a hacker — to conduct wide-spread data surveillance.

“It’s an arms race …We see these government agencies as among the most skilled players in this game.”   Eric Grosse, VP for security engineering at Google told the Post.

GigaOM’s Jeff Roberts has  a good round-up of the NSA Bullrun encryption breaking program here.

U.S. tech giants are now in an increasingly uncomfortable situation, caught between a government asserting its need for information to thwart future terror attacks and consumers who may understand that need but also resent the lack of transparency around this program and fear its abuses. Meanwhile, non-U.S. tech companies will try to turn this fear to their advantage, although frankly it’s unclear if any major tech vendors anywhere are immune from the data dragnet.

Look for more pundits to push the adoption of open-source alternatives like Mailpile email to big-vendor offerings to foil data scooping. Make no mistake, this will be a hot topic at next week’s Structure:Europe event in London.

And now, the gratuitous podcast plug:

If you are one of the 2 or 3 people who haven’t heard Box CEO Aaron Levie expound on the state of the industry, treat yourself to last week’s Structure Show. Seriously, the guy should have a show of his own.

More cloud news from around the interwebs

From GigaOM: Can VMware pull off its second act? 

From InformationWeek: Amazon opens command line interface to 23 services

From ITWorld:  451 Researh Survey: Microsoft tops exciting loud vendor list 

From TalkinCloud: Appzero enables partners to move server apps to AWS

From GigaOM: Don’t let the lack of press full you — Europe has a lot of big time cloud users

From CIO.com: NIST Cyber Security framework proides no measurable cybersecurity assurance 

  1. >That doesn’t mean that Google, (or Microsoft or Facebook or Yahoo or the other

    There is nothing so annoying as an unclosed parenthesis.

    Share
    1. That’s fixed.

      Share
  2. The biggest issue with encryption that is initiated and managed by the cloud service provider is that in most cases, they still own the encryption keys. Unless you maintain your own encryption keys, your data is not secure.

    Share

Comments have been disabled for this post