During the last six months of 2012, Facebook said it has received as many as 10,000 requests from local, state and federal agencies, which impacted as many as 19,000 of its 1.1 billion accounts worldwide. Microsoft also received between 6,000 and 7,000 criminal and security warrants, subpoenas and orders affecting as many as 32,000 customer accounts. In addition, Forrester estimates that PRISM will cost U.S. Cloud Companies as much as $180 billion over the next three years.
So, should companies abandon the cloud completely? This would certainly ensure data is secure, but it’s obviously an extreme measure due to PRISM and the Snowden Effect.
The cloud isn’t the problem; in fact, it’s an important aspect of a strong IT ecosystem. It enables a pay-as-you-go model and relieves IT of the burden of installing and maintaining servers and software. What’s needed is all the business benefits of a cloud application (essentially Software as a Service benefits) but in a way where the cloud provider does not have access to data and therefore cannot provide that data to the government if subpoenaed.
At Egnyte, we’re tackling this global issue head on with our newly announced PRISM Prevention Program that allows companies to “sniff out” rogue usage of unapproved and insecure cloud services and move data back under the control of IT.
At that point, IT can easily categorise all of their data to determine where it’s stored and how it’s accessed – in the cloud or on premise. Think about data like a traffic light – red, yellow and green. Red data, such as M&A documents and the “secret sauce” of a company, should never cross the firewall, while green data isn’t sensitive and if someone sees it – not a concern! And yellow falls somewhere in between. This helps make that good distinction of when data can pass through the cloud and when it cannot.
With the Egnyte file-sharing platform, IT can determine how that data is shared from its employee base. For the green files, employees can simply access them through the cloud. For the red files, users can easily access data behind the firewall without a VPN using a new functionality called Storage Connect. It’s as simple as if the files were stored in the cloud – except, the files never touch the cloud in this scenario.
Problem solved – no more prying eyes. Businesses don’t need to worry about PRISM or government agencies accessing their sensitive data when sharing files back and forth since the sensitive files never have to be shared through the cloud.
PRISM hasn’t hurt the cloud; it’s actually helping businesses to better understand the importance of data security and the need to effectively manage how and when business data is accessed and shared. IT can take back control and enable users to share data easily and securely, confident that they have the right tools to keep their business – and their data – safe.