Revelations from the NSA leaks shows that the NSA can steal or use the law to demand encryption keys from providers. The NSA (and possibly other organizations) are not only keeping pace with technology, but also planning for the future of data in the cloud.
Business must also be looking and planning for the future. Starting now. Starting with strong cloud encryption.
CNN reports that NSA has a number of methods for accessing data: “the use of supercomputers to crack codes, covert measures to introduce weaknesses into encryption standards and behind-doors collaboration with technology companies and Internet service providers themselves.” According to CNN, most of NSA’s information comes from moles placed in companies, not from technology. This means that the less information the cloud provider is privy to, the less can be passed to the government.
Edward Snowden, the former computer technician at NSA who leaked documents belonging to the agency, has said that “properly implemented strong crypto systems are one of the few things that you can rely on.” Weak encryption will be easily infiltrated by the NSA, but stronger encryption is still out of its reach.
It has been suggested that regular users shouldn’t be concerned about NSA infiltration since they aren’t engaging in suspicious activity. However, there is reason to be extra-vigilant: NSA’s activities may have weakened overall internet security, making their back door strategies available to technologically advanced criminals as well as to government agencies. The persistent question of “is my data secure in the cloud?” has been answered clearly: data is only as secure as you make it.
And to make data secure in the cloud, you must use strong cloud encryption.
Read the Full Article: Source –Infosec Island