Microsoft Subnet An independent Microsoft community View more

Privacy plays an important part in cloud predictions for 2014

It's the time of year for cybersecurity predictions and privacy protections from NSA surveillance play a major role in forecasting what cloud service to trust in 2014.

Privacy plays a major role when it comes to 2014 cybersecurity predictions for the cloud.

Jeff Jones, of Microsoft's Trustworthy Computing, predicted a rise of regional cloud services in 2014.

In the wake of heightened concerns about unauthorized access to data, we will see the emergence and broad promotion of regional Cloud service offerings. The increased sensitivity to both legal data access and intelligence monitoring will be seen as a market opportunity that will be actioned in two ways - startups and existing providers. Regional start-ups will see a new opportunity to compete against global providers, while existing providers will develop and offer services delivered from regionally-based data centers in an effort to allay concerns and provide increased customer choice.  We also anticipate continued levels of interest in the efforts of technology company support of principles to reform government surveillance practices.

Learning the NSA tapped "inter-data-center connections" gave Microsoft a "wake-up call," according to Microsoft Technical Fellow Mark Russinovich, who works as a lead architect for Windows Azure. He told Wired that instead of using "monster routers," Microsoft will utilize datacenter server CPUs to encrypt channels so every individual service will be encrypted when it talks to another service.

"It requires the right custom software - software that must be installed on every single machine - and it requires some extra computation, which is going to have some impact," said Matthew Green, cryptographer and assistant research professor at the Johns Hopkins Information Security Institute. He added, Microsoft and Google "are realizing that cloud services are some huge percentage of their future revenue and they're saying: 'We can't be caught collaborating with the government.'"

That perceived collaboration between the NSA and tech giants has caused the Internet "to break up into national segments," stated Kaspersky Lab. Too many people don't trust cloud services within the USA, so "the shadowy Darknet will be the only truly world-wide web."

Several countries, including Russia, have adopted or are planning to adopt legislation prohibiting the use of foreign services. Snowden's revelations have intensified the demand for these rules. In November, Germany announced that all communications between the German authorities would be fully locked within the country. Brazil has announced its plans to build an alternative Internet channel so as not to use the one that goes through Florida (USA).

"Amid privacy concerns, cloud service providers will have to continue showing security controls and data privacy protection," predicted Trend Micro [pdf]. "The exposure of state-sponsored monitoring will push entities to reconsider where they choose to store their data. Distrust in using U.S. infrastructure may ensue, with foreign governments possibly discontinuing their use. Concerns over international monitoring may cause some states to consider revising policies, specifically those involving Internet use. Despite public outcry though, we will see more of these types of state-level monitoring to occur."

Government spying may be why Lior Arbel, CTO of Performanta Ltd, predicted that split key encryption will become more popular in 2014. "The encryption key is split in two, one half held by the provider and one by the customer meaning that the customer's database can only be accessed [by the provider and/or the NSA] with their active participation."

A few words of warning:

When it comes to who you choose to hold onto your data in the cloud, you can't simply trust a company because it throws around the word privacy. Privacy is a very popular buzzword right now thanks to NSA surveillance pushback. For example, dictionary.com named privacy as the 2013 word of the year; however, I don't recommend you go read about it as the site sets 90 cookies, which morph into 198 cookies, and also connects a visitor to 35 third-party sites, according to The Washington Post. (Writers really have no control over a site's cookies though.) But since the "NSA piggybacks on commercial tracking practices to enable surveillance and exploitation practices, Dictionary.com's choice of privacy and its citing of the 'Edward Snowden scandal' is all the more interesting."

Like this? Here's more posts:

Follow me on Twitter @PrivacyFanatic

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.