Cisco's backtrack on Connect Cloud - taking privacy for granted?
Cisco has been forced to apologise for what Home Networking Vice President Brett Wingo described as “confusion and inconvenience” following the rolling out of their Connect Cloud system.
The issue concerns a cloud-based update Cisco made to their Linksys EA2700, EA3500 and EA4500 firmware which had originally been rolled out automatically to users’ routers.
The update took many users by surprise, and they weren’t best pleased about it either, with complaints ranging from security concerns on cloud-based LAN administration to privacy fears.
Cisco has since released instructions on how to roll back the automatically updated firmware to the previous iteration.
In a blog post, Wingo said that the Connect Cloud service was available to those who had opted in to automatic updates and that data was not being illicitly stored “consistent with Cisco’s practices”.
Perhaps worryingly, the privacy concerns related to the original Cisco Connect Cloud terms of service, where users found the following:
“We may keep track of certain information...including but not limited to the status and health of your network and networked products; which apps relating to the Service you are using; which features you are using within the Service infrastructure; network traffic; internet history; how frequently you encounter errors on the Service system and other related information.”
Seeing the words ‘internet’ and ‘history’ together is bad enough, and after complaints and fears users would be arbitrarily kicked off the server because of their usage of the internet, the offending paragraph was excised altogether from the rewritten terms of service.
Wingo reiterated in an updated blog post that Cisco’s routers are not used to collect information about internet usage, saying: “Even when a customer signs up for a Cisco Connect Cloud account, Cisco does not track or store any personal information regarding a customer’s usage of the internet”.
“Cisco is committed to the privacy and security of our customers, and I assure you we will update our terms of service and related documentation as quickly as possible to accurately reflect our company policy and values,” Wingo concluded.
The one thing which can be ascertained here is that, for many people, they were happy with their original firmware and router and didn’t want to upgrade to a cloud-based solution.
Even though this did appear to be on the face of it a genuine error with no malicious intent – but what would you have done in such a situation? Do you think that fears of security and privacy are justified?
- » Marriott reported another data breach: Why cyber risk assessment is important
- » Cloud complexity and ‘terrifying’ IoT means organisations’ asset visibility is worsening – report
- » Lloyds Banking Group signs up to Google Cloud in five-year partnership
- » What is cyber insurance truly worth? Analysing the risks and responses
- » AWS makes Amazon Detective generally available for greater security awareness