How safe is your data? Why using US-based cloud services providers may mean your data isn’t as confidential as you think…
In our Talking Point series, we dedicate space to subjects of interest to our customers – usually as a result of questions that we receive during our normal business.
If you’re a company handling sensitive customer and business data your switch to a cloud-based network will be heavily influenced by the added security it offers. In the legal, accountancy and other fields where a great deal of personal and sensitive information is held about clients, you’ve a duty of care to protect this information from falling into the hands of those who would seek to abuse and use it for their own financial gain.
Let’s face it, storing your company’s vital data in a secure Tier IV data centre, protected by 24/7 security with multiple power sources to prevent downtime and robust systems in place to ensure no-one illicitly gains access (even yourself!) is a whole lot safer than on an in-house server. And it’s a lot safer than a stack of back-up discs on a shelf in the corner of an office which can easily be swiped and/or destroyed by an intruder. As for backing up onto a portable hard drive which is then taken out of the office, well… the information security risks are almost limitless.
But there is a huge caveat to this. For businesses using cloud companies with services housed in data centres based in the US, they’re unwittingly subject to the USA Patriot Act. The act was originally brought into law after the 9/11 attacks as a way of giving security services an greater ability to intercept illicit communications. However, in practice, its use by the security services has been more far-reaching than anyone thought possible.
Any business operating within the jurisdiction of the United States is subject to the act. It is now proven to give government agencies the ability to call upon and access any information they request.
It’s the kind of all-reaching access NSA informant Edward Snowden blew the whistle on. Those agencies have the power to access and view any of your personal and confidential data if it is stored in US data centres.
Of course, the likelihood is your data won’t be compromised. But how would your customers feel knowing their personal data may be vulnerable?
It’s a matter of confidence.
At Worknet, we use as a UK-based Tier IV data centre to ensure none of our customers’ data is at risk or can be compromised by government agency prying (unless it turns out Parliament has done the dirty on us as well). I understand how important it is to be able to say confidently to our customers their data and their customers’ data is 100% secure.
The issue is few people using US-based cloud services in the UK are aware of the powers of the act… or the fact their data is subject to it. Therefore, it’s no surprise those services haven’t exactly been upfront with businesses about how their data is used. And these aren’t small names we’re talking about here, by the way – think of any US cloud service such as Gmail, Hotmail, Yahoo, Dropbox, Amazon Web Services and even Office365. The list is bigger than you’d think.
Google even admits Gmail has now started to encrypt all its emails between data centres to try and avoid government spying.
If you’re concerned about your data, download our free guide to the US Patriot Act and its implications on your sensitive data. The report “How safe is your data?” is available at www.worknet.co.uk/patriotact
Marvellous things our customers say…
“It works the way of an in-house system. The
benefit of Hosted Desktop is the security aspect.
We don’t have the resource to have someone
here permanently looking after IT, so the major
benefit is security and having it backed up
Hitesh Dhokia, MD, ChaseBridge
“We have found Worknet to be extremely
flexible in their approach. Our growth has
meant that we needed an IT partner that was
capable of providing the right solution to our
HQ and branches on time and on budget.
Worknet is that partner.”
Huw Chivers, MD Hot Tub Barn