Internet privacy advocates and transparency activists have been up in arms since June over the NSA’s PRISM program. According to whistleblower Edward Snowden, while working as a contractor for the US government he monitored private online use and telecommunications under the auspices of the Patriot Act. The controversy has started a global conversation over the state of online access, user privacy, and governmental monitoring. But the ripples of the PRISM program are far-reaching, and many enterprises and businesses have suffered as a result of the scandal. However, this loss is unnecessary, as there are plenty of ways to protect corporate data even in the light of the PRISM program.
According to a sample survey of 500 members recently conducted by the Cloud Security Alliance, awareness of the official U.S. cyber-spying program has already hurt American cloud businesses. Of the global businesses surveyed, 10% have already had to cancel projects using US cloud providers out of security concerns, while 56% claimed that they had no future plans to use a US-based cloud for business. Roughly one-third of U.S. respondents asserted that doing business with other countries has now become incredibly difficult due to privacy issues revealed by Snowden’s leak of the NSA PRISM program. Such findings follow the claims of EC digital chief Neelie Kroes, “If European cloud customers cannot trust the United States government or their assurances, then maybe they won’t trust US cloud providers either. That is my guess. And if I am right then there are multi-billion euro consequences for American companies.”
Such prospects of severe loss in profits should alarm all industries and show that the PRISM scandal is not just a privacy issue, but an important economic one as well. Those sectors that rely on American cloud companies should be concerned over revenue drops due to fears raised by PRISM and the Patriot Act. Some European consumers and companies have all but blacklisted known participants of the PRISM program, and Estonian President Toomas Hendrik Ilves has even called on other European nations to collaborate on a European cloud that could provide citizens protections from governmental monitoring. And according to Sebastian-Hendrick Picklum, marketing chief at CloudControl, “Companies here in Germany fear already when using public infrastructure that somehow the NSA or other government agencies might be able to intercept the communications between the public cloud and their corporate computers. They like continuing to use their data centers and having control from the server to the user.”
As Cloud Sigma CEO Robert Jenkins predicted, the news of the PRISM program has been “really damaging for U.S. companies in terms of competing abroad.” U.S. companies have had to compete in the face of recent messages like that given by German Interior Minister Hans-Peter Friedrich. The government official said, “Whoever fears their communication is being intercepted in any way should use services that don’t go through American servers.” And CEO of City Network from Sweden, Johan Christenson, admitted that they received “a lot of customers that come to us because they want to store their data in Sweden.” While this all may sound discouraging, U.S. enterprises and businesses can still rely on private American clouds. But with no universal standards in sight, enterprises should only trust services that can provide user anonymity and strong data encryption.
Market Safety in the Private Cloud
In the globalized age, enterprises can’t afford to lose out international profits. Privacy concerns brought on by PRISM can stall projects and dip into global profits. Instead of relying on drastic systemic change and governmental transparency, enterprises should seek out cloud services that offer user anonymity and strong encryption. That way, even in this case of a security breach, sensitive data would be protected, allowing U.S. companies to once again compete on the global market.
For many enterprises, finding a truly protected third party cloud service can be a challenge. Many “secure” services on the market have security gaps that leave private corporate and consumer data wide open to third party attacks and even governmental spying, as shown by the ongoing NSA PRISM scandal. One cloud storage and sync service that sets itself apart from the rest of the market is SpiderOak Blue. This service provides enterprises with fully private cloud storage and sync, featuring all of the benefits of the cloud along with 100% data privacy. SpiderOak Blue is available with onsite deployment and private servers or outsourced deployment through a private and secured public cloud server.
SpiderOak protects sensitive enterprise data with 256-bit AES encryption so that files and passwords stay private. Authorized accounts and network devices can store and sync sensitive data with complete privacy, because this cloud service has absolutely “zero-knowledge” of user passwords or data. And all plaintext encryption keys are exclusively stored on approved devices because SpiderOak never hosts any plaintext data. This way, even if programs like NSA’s PRISM continue to stand unchallenged, consumers can rest easy knowing that their data is truly protected and brands can gain diehard customer loyalty by publically securing consumer information. SpiderOak Blue’s cross-platform private cloud services are available for enterprises on Windows, Mac, and Linux platforms, along with Android and iOS mobile devices.