|By David Tishgart||
|December 16, 2013 09:30 AM EST||
InfoWorld's been doing a bang-up job covering the NSA spying scandal from the get go, and this blog from David Linthicum titled, “Let the NSA spy on us - We’re still moving to the cloud,” continues the trend.
The Cliff's notes: In an IDG News survey, high-ranking IT executives in North America and Europe were asked about the effect the NSA snooping practices have had on their cloud computing strategy. Despite the furor over the NSA, these leaders are still committed to the cloud.
Linthicum talks about the dollars and cents, that efficiency and agility benefits that the cloud provides to the enterprise far outweighs any concern that the NSA might be tapping into their communications. This echoes what we hear every day from our customers, but with a little more nuance that goes beyond quantifiable business benefits.
For example, while there’s been a lot of water-cooler discussion about the NSA and its PRISM program, I think the majority of companies recognize that their corporate IP and customer data is neither being targeted nor threatened by the government agency. If the spying program has done anything at all, it's actually raised awareness about the need for stronger cloud security techniques to the C-suite, and that's a good thing.
Despite what we often hear in the press, the public cloud can actually be pretty secure. In many cases, moreso than even an on-prem data center. But security in the public cloud all comes down to trust. How well do you trust your cloud provider's provider? Can you verify that they're enforcing the necessary protections on your data? Do you know who, outside of your company, can access your data?
While there's no single cloud security solution that will take these worries away, a great way to prevent prying eyes (by the NSA or others) from accessing your data is to encrypt the data at rest and maintain control of the encryption keys. Don't hand them over to your cloud or SaaS provider. You can read much more on key management at this link.