When news first broke that the United States' National Security Agency (NSA) was "operating a covert program, called Prism, which obtains email and other electronic data records from Internet companies," a furor erupted over the violated privacy of information once it enters the cloud. It shocked a nation and then the world. I'm not sure what was more shocking: the fact that it happened or that so few people were truly prepared for this possibility.
Concerns that our online information could face government scrutiny first arose over 10 years ago when the Patriot Act was signed into law, and has now raised questions for businesses as to the security and privacy which could be afforded when uploading content to the cloud. With the ongoing revelations from the NSA files, many organizations that have embraced cloud computing in recent years now face new uncertainty and may even go so far as to revert to on-site only access to information and abandon the cloud.
Cloud computing is the popular buzz-phrase to describe all kinds of online access to information that has been embraced by both individuals and businesses of all sizes because of its ability to improve mobility and offer new services. But is that convenience coming at a price?
We don't think so but, like with any business decision, you need to evaluate the risks and rewards. And I'd say you also need to take extra steps to verify that adequate security protection is in place.
There are many steps that corporations like Intel take to safeguard information before it even enters the cloud. I sometimes worry that businesses, particularly in the case of small business, rush into convenience and solutions without looking under the hood -- and that means confirming there are sufficient security measures in place.
The key is to be aware and take appropriate steps to protect the data that you are putting out there, while ensuring the services you choose are doing their due diligence to ensure your safety and privacy, and that of your customers.
And while sensational news like the NSA surveillance program could send many people out of the clouds and back to earth (also known as local network infrastructures), we need a reality check, as some local networks are less secure than their cloud counterparts. It all depends on how the infrastructure was set up.
We talk to small businesses every day that depend on cloud services to function and to compete. They now have access to software and solutions that were previously only commonplace in much larger organizations, and for many, cloud services have opened up a new world (from electronic health records to improving worker safety, to name but a few examples). From a business standpoint, it's a good thing.
I would hope that, if nothing else, the existence of surveillance program serves as a wake-up call to business that we can't take security for granted. It's a good reminder to take a fresh look at the services you're using and the way in which those networks are set up to ensure you're adequately protected. And for those with questions about cloud security, Intel IT has published this security checklist planning guide. There's no better time for a second look.