Comms-care Blog

Moving storage centres locally won’t keep spies and cyber saboteurs at bay

by Darren Briscoe

February 13, 2014

Cloud has won over the masses for many reasons but its biggest benefit is giving users instant access to data anywhere and anytime. However, what makes it so great for users is also what makes cloud so vulnerable. If you can access your data anytime you want- what’s stopping others from doing the same?

Not much if the data is valuable to the person trying to hack into it.

The topic of data security has been a recurring issue of discussion since the US National Security Agency (NSA) scandal, which revealed that America had spied on foreign governments and politicians. Washington’s cyber fiasco made world news and confirmed the tech industry’s worry about data stored on the cloud.

Security experts always banged on about encryption and firewalls and the need to add a layer of protection-but how many of us really thought about the impact of losing information? Governments probably didn’t think about it too much-until the NSA scandal struck.

Now, a day doesn’t go by without a news story about how to secure data. The most recent trend is the push for a hybrid model that mixes private and public cloud together. This approach prioritises data and tries to manage security risks by putting valuable data in a private cloud and the less important stuff on a public domain. For many users of cloud, this could be the best option to securing data. But is this really enough?

The Brazilian government is taking security a step further by considering ways to make local use of the Internet less dependent on US-based services, after being spied on by the NSA.
The country wants to force Internet firms to open local data centres that can be used to store locally generated content instead of putting it on the cloud.  If data is kept closer to home, Brazil believes that foreign spies won’t have access to it.

There’s a lot to be said about where data is stored. Centres that are based in countries that are prone to natural disasters or have fragile democracies may not be the safest place for important data.  Neutral, prosperous nations like Finland or Canada are obviously better bets.

However, keeping data locally is not going to change the hard truth about leaks: data is always at risk- regardless of where it’s kept - because the biggest ‘cyber saboteurs’ are closer than you think.

Spying isn’t just the pass time of foreign agencies. In fact, most data security breaches are the result of illegal activity that’s homegrown and happening either within an organisation or very close to its doorstep.

Whether we like to admit it or not, data crime is committed by someone that’s often known to the company. It could be a mole gleaning data for a competitor; a disgruntled employee that wants to get back at his boss; or an IT administrator making a dodgy buck selling content on the black market.

The only way to protect data is to back it up and to encrypt it. Adopting a solid security policy is important too, which identifies checks and balances so suspicious activity can be flagged at once.