|By Paige Leidig||
|July 21, 2014 09:00 AM EDT||
If your organization's got a lot riding on the continued security of its confidential or proprietary data, then you need to stay informed on the threats and how to address them. One of the most worrying threats of late, especially when it comes to cloud data security, is government spying - both foreign and domestic.
Foreign spying and corporate and economic espionage are, of course, not new concepts, but the enterprise's increasing reliance on the Internet and cloud computing make them more of a concern than ever before. Just this week, the Wall Street Journal reported that the U.S. Justice Department has indicted five officers of the Chinese military on charges that they "hacked U.S. companies' computers to steal trade secrets" from firms including U.S. Steel Corp. and Westinghouse Electric Co. Wang Dong, Gu Chunhui, Sun Kailiang, Huang Zhenyu, and Wen Xinyu are the first "employees of a foreign power [to be charged] with cybercrimes against American firms," according to the WSJ, but they won't be the last.
While China is by no means the only nation with alleged hackers under investigation, the Chinese threat to cloud data security is problematic for several reasons. In China's case, all five persons named in the Justice Department indictment are military officers, suggesting Chinese government involvement in the alleged cybercrimes. And Chinese networking gear itself came under fire as early as 2012, when the United States specifically banned appliances from Chinese vendors Huawei and ZTE from use in U.S. government networks. As the devices responsible for passing data back and forth, routers, switches, and other networking gear are especially attractive targets for spies looking to steal sensitive information.
That's not to say that foreign networking equipment and foreign powers are the only things enterprises have to worry about. Allegations that the NSA has been intercepting Cisco gear and inserting spyware in the appliances have driven the networking giant's CEO, John Chambers, to pen an open letter to President Obama "asking that the federal government rein in NSA spying," according to Business Insider. Even if the NSA scales back its surveillance activities, however, the damage has already been done. There's compromised gear out there, and everyone knows it now.
What does all this mean for cloud data security?
Put simply, it means that in this day and age, protecting your data means securing your data. The focus is no longer on simply locking down your infrastructure. You can't rely on network appliances to keep out intruders, because there's no way of being sure that your network appliances haven't themselves already been compromised. The same goes for your cloud service providers. One backdoor in one router may be all it takes to bypass cloud data security measures, leading to a breach.
That's unless the data is itself protected. If your data is secured with strong encryption, and if your organization retains exclusive control to the encryption keys, then your data will remain unreadable to any unauthorized party that tries to access it. A breach in this case will prevent your competitors and governments from doing anything at all with the data they've stolen. For true cloud data protection, you must lock your data down no matter where it goes.
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
Sep. 29, 2016 11:30 PM EDT Reads: 1,193
Sep. 29, 2016 10:30 PM EDT Reads: 4,029
Sep. 29, 2016 10:15 PM EDT Reads: 2,788
Sep. 29, 2016 10:00 PM EDT Reads: 1,805
Sep. 29, 2016 09:45 PM EDT Reads: 3,128
Sep. 29, 2016 08:45 PM EDT Reads: 2,210
Sep. 29, 2016 08:45 PM EDT Reads: 1,547
Sep. 29, 2016 06:15 PM EDT Reads: 3,685
Sep. 29, 2016 06:00 PM EDT Reads: 1,538
Sep. 29, 2016 05:15 PM EDT Reads: 2,856
Sep. 29, 2016 05:15 PM EDT Reads: 1,583
Sep. 29, 2016 04:45 PM EDT Reads: 2,795
Sep. 29, 2016 04:45 PM EDT Reads: 3,449
Sep. 29, 2016 04:30 PM EDT Reads: 1,344
Sep. 29, 2016 04:30 PM EDT Reads: 1,964