Tags
- Cloud 91
- Public Sector 35
- Security 34
- Data centres 32
- Managed Services 24
- business continuity 19
- G-Cloud 17
- outage 14
- Data Protection 12
- VoIP 12
- Data Security 12
- BYOD 12
- Remote Working 11
- Unified Communications 11
- disaster recovery 10
- Data Storage 10
- Cloud Services 10
- Government 10
- Mobile 9
- resilience 8
- Hybrid Cloud 8
- Legal 8
- Healthcare 8
- IP Telephony 7
- ADSL 7
- downtime 6
- Wi-FI 6
- Internet 6
- Telephony 6
- NHS 6
- Data Backup 5
- Cloud Computing 5
- IaaS 5
- Public Cloud 5
- internet of things 5
- DBaaS 5
- N3 5
- efficiency 5
- MDM 5
- Service Provider 4
- Oracle 4
- Infrastructure 4
- Data Centres 4
- MPLS 4
- Malware 4
- Cloud Telephony 4
- BlackBerry 4
- 4G 4
- Data Protection Act 3
- SLA 3
- Private Cloud 3
- SaaS 3
- Google 3
- Public Sector Network 3
- Symposium 3
- Network 3
- technology 3
- Apple 3
- SIP trunking 3
- Online Backup 2
- SQL Server 2
- databases 2
- BT 2
- PAYG 2
- VDI 2
- Amazon 2
- Mainframe 2
- Desk Top Sharing 2
- Migration 2
- IT Management 2
- Database as a Service 2
- Cloud Strategy 2
- data sovereignty 2
- ICT 2
- Insurance 2
- Software 2
- Applications 2
- Data 2
- PSN 2
- Wireless 2
- Retail 2
- Data Centre Provider 2
- Connectivity 2
- Regulations 2
- Ofcom 2
- EFM 2
- QoS 2
- ISDN 2
- CYOD 2
- MVNO 2
- Enterprise 2
- Mobile Strategy 2
- mobile data 2
- Firewall 2
- network 2
- Outage 1
- Online Storage 1
- Support 1
- Unreliability 1
- Availability 1
- DDoS Attacks 1
- IT Provisioning 1
- business agility 1
- Contingency 1
- Federated Clouds 1
- Cloud to Cloud 1
- Salesforce.com 1
- Gartner 1
- virtualisation 1
- US Patriot Act 1
- cloud 1
- Platforms 1
- Blogging 1
- Data Sharing 1
- OCS 1
- Productivity 1
- Video Conferencing 1
- fog computing 1
- Services 1
- Virtual Desktop 1
- Hosted Desktop 1
- SIAM 1
- CCS 1
- Crown Commercial Services 1
- Cloud Provider 1
- Government as a Platform 1
- shadow IT 1
- Ransomware 1
- Digital Economy Centres 1
- IT 1
- HETT 1
- CGBT 1
- Journey to the Cloud 1
- Journey To The Cloud 1
- IT Services 1
- Microsoft Office 1
- Azure 1
- Digital Strategy 1
- Digital Marketplace 1
- AWS 1
- VMWare 1
- HSCN 1
- OpenStack 1
- Public Wi-Fi 1
- Legal Sector 1
- data security 1
- hybrid cloud 1
- SMEs 1
- Brexit 1
- Privacy 1
- security 1
- innovation 1
- insurance 1
- DevOps 1
- retail 1
- IT infrastructure 1
- Prism 1
- PUE 1
- Cold aisle containment 1
- Cooling 1
- Power 1
- hosting 1
- power 1
- JANET 1
- Microsoft 1
- SAP 1
- Hosting 1
- BIL 1
- Freedom of Information Act 1
- Personal Data 1
- Bandwidth 1
- Social Media 1
- Streaming 1
- Email 1
- Messaging 1
- Contention Rates 1
- SDSL 1
- 512k bug 1
- password 1
- Moore’s Law 1
- wearables 1
- microchip 1
- Intel 1
- security threats 1
- WannaCry ransomware attack 1
- Collaboration 1
- Home Working 1
- MYOD 1
- BES10 1
- Consumer 1
- Blackphone 1
- iPhone 6 1
- iCloud 1
- iOS 8 1
- Samsung 1
- Networks 1
- Network Operators 1
- Coverage 1
- call rates 1
- HSCIC 1
- VPLS 1
- Two-Factor Authentification 1
- FTTP 1
- Cambridge 1
- Metro Network 1
- IPv6 1
- Network design 1
- Network Planning 1
- ISDN30 1
- N3 Aggregator 1
- Network Security 1
- Unified Threat Management 1
- Convergance 1
- Shadow IT 1
- Software Defined Networks 1
- SDN 1
- Virtualisation 1
- Wi-Fi 1
- #GenMobile 1
- LAN 1
- Compliance 1
- ITIL 1
- Customer Service 1
Latest Posts
- Green light spells opportunity for public sector 7 Aug 2017, 12:40 PM
- The era of the skills partnership? 27 Jul 2017, 14:04 PM
- Back to basics - 5 key controls from the Cyber Essentials scheme 26 Jun 2017, 13:58 PM
- What to do when your data centre provider has an extended outage 6 Jun 2017, 13:04 PM
- No Wanna, no Cry 1 Jun 2017, 16:28 PM
Latest Comments
Authors
- Stefan Haase
- Tim Wilkinson
- Paul Hone
- Ian Rhodes
- Louis Ozougwu – MCITP - OCP - Oracle RAC
- Jonathan Birch
- Sean Paxton
- Glenn Temple
- Mark Hall
- Simon Michie
- James Odom
- Peter Nailer
- Fraser Fisher
- John Roberts
- Phil Dyson
- Graham Francis
- Andy Mills
- Mark Halpin
- Chris Bull
- Vaughan Andrews
- Martin Fisher
- Francis White
- Stuart Brown
- Phil Moore
- Anton Murphy
- Wesley Hornsey
- Louis Ozougwu
- Chris Mcmahon
- John Taylor
- Paul Storey
- Richard Allgate
- Richard Allgate, Mobile Specialist
- Mark Hall, Public Sector Director
- Clive Atkins
- Stephen Rees
Project Prism – do you know where your data is?
Posted by Stefan Haase | 19 June 2013, 14:14 PM
Facebook and Microsoft are among numerous American technology organisations revealing details of requests for data, made by the National Security Agency (NSA), as part of their data recovery project, Prism. In the wake of Edward Snowden’s whistleblowing, it has come to light that many American corporations have been subject to requests from the US government for data pertinent to investigations into local crime and national security. And while some information, due to the way it is encrypted, is not recoverable (iMessages and Skype logs), in the name of security, user and data privacy has been compromised.
Most Cloud providers will be affected by the development as a large proportion are US companies, and many of those who aren’t have extensive dealings in the US. The USA Patriot Act, signed in 2001, grants the US government access to any data processed and stored in the US. And within the US legal framework, the ‘extra-territorial jurisdiction’ doctrine suggests that even EU Cloud providers will be subject to compliance once they fall under US laws, e.g. when transferring data to the US. Though Facebook’s servers hold data for 1.06 billion active monthly users, and requests for information pertained to just 18,000 accounts, it is important that CIOs looking to move data to the Cloud reflect on the lessons to be learned from this incident.
No matter the nature of the business, companies are bound to generate – and require storage for – sensitive data. While many CIOs realise the importance of choosing a managed service provider who is based in the same country (for security and compliance reasons, as well as for the improved support service they are likely to receive), and a large proportion are aware of UK and EU data protection laws, not everyone realises that data can be, and often is, transferred to the US for hosting. Once it enters US territory, it is vulnerable. It is my hope that this incident can pose as food for thought for those not paying attention to what happens to their data once it is ‘handed over,’ either when taking Infrastructure as a Service or Software as a Service solutions. CIOs should thoroughly research where the HQ of the managed service provider is, and where data is stored and processed – does it remain in the EU? And rather than digging through hidden clauses in a contract, it is important to simply ask the key questions you need answering. Where data resides should be a deciding factor for CIOs in light of this revelation, and it is important to be proactive in the search of information that will improve the security and privacy of your data.
Post a comment
Comment submitted! Comments needs approval before being displayed.
Comments