View From Above

Jun 24 2013   10:46AM GMT

If the government wants you, where you store your data doesn’t matter

Ron Miller Ron Miller Profile: Ron Miller

If the government wants you, it'll find a way to monitor your network whether it's in the cloud or behind your firewall.

Revelations of government surveillance gave everyone pause, but if the government wants you, it doesn’t matter where you store your data.

The worst fears of the anti-cloud cabal came true recently when the curtain was lifted and we saw a glimpse of the extent of the US surveillance state, but is that enough to make you stop using the public cloud?

I’ve been listening to people debate about the pros and cons of the cloud since 2008, which was about the time the term came into popular usage. In fact, I remember well attending a discussion at a conference in 2008 where representatives from Google, Amazon and explained the merits of cloud computing.

They were then peppered with an audience full of doubters. There was of course the Patriot Act to deal with, and for anyone from outside the US who had to respect more stringent privacy laws, the idea the government could demand data in the cloud at will was a show stopper for many –and remains so to this day.

The fact we now know the extent of government listening means that the Patriot Act was a minor annoyance compared to widespread warrantless Internet monitoring.

I’ve sat in similar discussions since. At CeBIT in 2011, The Germans, which as a country have particularly strong privacy laws, could not embrace the cloud even though many saw the advantages of a cloud approach.

But the cloud offers such a compelling economic case, in many cases that’s going to overcome any fear a company might have the government could be snooping on your data.

ZDNet had a couple of compelling posts recently about this. On the pro cloud side, Jason Perlow wrote in NSA Prism: The cloud laughs at the Tin Foil Hat brigade, “I hate to break it to you guys, but the government just isn’t that into you.” He added, “And this recent revelation about PRISM and other wide-ranging NSA electronic surveillance programs, while disturbing, fundamentally changes nothing about an overall shift to cloud-based computing.”

But ZDNet’s Steven J. Vaughan-Nichols isn’t so sure as he wrote in NSA Prism puts “public cloud” in new light. As Vaughan-Nichols wrote, “Let’s just take it as a given, if you put information on the public cloud, there’s a reasonable possibility that it can be looked at by a government [three-letter acronym organization].” He adds with certainty, “But, if you put your infrastructure on a private cloud you dodge this problem. Even a hybrid cloud—where you keep only low-value materials on a public cloud—could still do well by you.”

But it’s not that simple for many organizations. I saw CIOs from the San Francisco Giants, The Boston Red Sox and The Boston Celtics speaking last week at the E2 Conference in Boston. For these three CIOs, the cloud allowed them to run lean departments with 11 or fewer employees while promoting some extremely ambitious IT projects. As Bill Schlough, CIO of the Giants put it, “The more data that’s in the cloud, the happier I am.”

There are social, political and economic ramfications of government monitoring and I’m not about to minimize any of those, but I’ll put it this way: I’m inclined to agree with Perlow’s view on this.

The government doesn’t really care what most private businesses are doing, and if they did, it wouldn’t really matter if you were using public cloud services or your own data center.  The NSA and other government agencies are amazingly resourceful when it comes to data collection. If Anonymous can get past your security, do you really think the NSA or some other government agency can’t?

There are a myriad of ways to gain access to networks without being inside an organization from phishing to keystroke loggers to social manipulation. Once inside the network infrastructure whether you are a malicious hacker or the government, you can pretty much do whatever you want.

With that in mind, if a government agency wants you, they’ll find you no matter where you choose to store your data, with a warrant or without it, whether you know it or don’t. Given that reality, recent revelations should not alter your approach, nor should it scare you off from public cloud usage.

Photo Credit:  (c) Can Stock Photo

4  Comments on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • tracyanne
    quote:: if a government agency wants you, they’ll find you no matter where you choose to store your data ::quote

    True, but this attitude misses the point. It's MY data, it's MY PRIVATE data, therefore they have no right to it unless they can demonstrate that I'm a criminal, and that PRIVATE data contains evidence. Therefore I'd be really stupid to store anything I don't want publicly accessible (and by that I mean the government) anywhere it can easily be accessed publicly.
    10 pointsBadges:
  • Michael Tidmarsh
    I can't agree with you more Ron. People shouldn't be scared of putting their data into the cloud (public or private). The government will still find everything on you and more!
    62,755 pointsBadges:
  • Ron Miller
    tracyanne,You're not getting any argument from me there. I avoided the political aspects of the argument and I'm just looking at this from a practical business standpoint. From a personal standpoint I was very angry when I heard these revelations and I'm sure more is going to come out over time. This is massive abuse of 4th amendment privacy rights. One thing about secrets in the Internet age though is they work both ways. You can collect information on people, but they can find out you're doing it fairly easily too. 
    580 pointsBadges:
  • Ron Miller
    I'm not sure I'm comforted by the fact you agree with me, Michael, but from a business perspective you just need to keep doing what you're doing because as I wrote, they'll find a way if your company is of interest to them for whatever reason no matter where you store your data.
    580 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: