CSA warns PRISM is very bad news for US cloud providers
The after-effects of PRISM means that companies are much less likely to use US-based cloud service providers (CSPs), according to a survey from the Cloud Security Alliance.
56% were less likely to use US-based providers, with one in 10 going as far to say that they’d cancelled a project which used US CSPs as a result. Only 3%, interestingly, said their confidence in US vendors had increased.
It’s noticeable that, from the vendors’ perspective, their confidence had not been diminished. 64% said the incident had not hindered their prospects of conducting business outside the US.
Yet in terms of general security policy, respondents did not feel at ease about governmental transparency and legitimacy. Almost half (47%) of those polled said that their country’s processes in obtaining criminal information were “poor...there is no transparency in the process and I have no idea how often the government accesses my information.”
As loaded a question as that sounds, in comparison only 10% said their country’s data accessing was “excellent”.
The NSA PRISM surveillance program, for those who have been residing beneath a gravel-like substance for the past few months, was first initiated in 2007 and gains direct access to the systems of major tech companies, including Apple, Facebook, Google and Microsoft, able to tap into user information such as emails and stored data.
The allegations came to light in June, with whistleblower Edward Snowden subsequently having criminal charges filed against him before globetrotting via Hong Kong to Russia in search of asylum. He has been in the transit zone of Moscow’s Sheremetyevo airport for the past month.
It’s perhaps not surprising that the Snowden incident has caused less confidence in US cloud providers. Yet, 41% of those surveyed say the Patriot Act should be repealed in its entirety. 45% were more moderate and said it should merely be made tighter and more transparent, whilst 13% said the Act was fine as it is.
It’s not just the CSA noting the potentially dangerous effect PRISM may have on cloud computing. Indeed, if users’ data is being monitored without them knowing, it doesn’t take the greatest leap to see why they would be reluctant to move sensitive files into a cloud, public or private.
Earlier this month, the EU’s Commissioner for Digital Agenda Neelie Kroes told a meeting of the European Cloud Partnership Board in Tallinn, Estonia, that if there is mistrust around cloud technologies, it’s the providers who will miss out, costing the US cloud industry billions.
As reported by ZDNet, Kroes said: “The cloud has a lot of potential. But potential doesn’t count for much in an atmosphere of distrust. European cloud users, and American cloud providers and policy makers need to think carefully about that.”
But what’s your view? Has PRISM affected your trust of the cloud? Let us know in the comments...
- » Human error and misconfigurations primary source of Kubernetes security snafus, report says
- » More sensitive data moves to the enterprise cloud – but the security risk widens with it
- » Netskope secures $340m in funding at $3bn valuation to further cloud security mission
- » Amazon wins injunction to temporarily halt Microsoft JEDI contract award – reports
- » Spotting the elephant in the room: Why cloud will not burst colo’s bubble just yet