In-depth

Why the security industry must stop the Edward Snowden scaremongering

Davey Winder argues that it's time for the security industry to stop fixating on the Edward Snowden's revelations

An email arrived in my inbox this week with the 'revelation' that Dropbox had complied with 268 law enforcement and government agency requests since January 2014.

Of those, only 91 of the customers concerned were informed regarding the legal process leading to this examination of their data. So far, so interesting, although not particularly surprising, as this kind of data privacy issue has been big news ever since the first trickle of Edward Snowden leaks began last summer.

Hanging the key management argument on the spy scandal hook is becoming increasingly dangerous. The more people read this reasoning, the less impact it has and the less likely they are to take it seriously.

It was also no surprise the email then went on to warn me that "many other cloud and data storage providers are receiving these kinds of requests every day," and - here comes the PR payload - there is "a way for cloud providers to extricate themselves from being in bed with the Feds."

That route involves customer-managed encryption keys.

While I happen to think that retaining control over encryption keys is a very good idea indeed, and have explained why very recently over at our sister publication Cloud Pro, I don't think it's all about Edward Snowden, Big Brother or the FBI knocking on your data storage door with a feather either.

Hanging the key management argument just on the spy scandal hook is, in my opinion, becoming increasingly dangerous. Mainly because the more people read this reasoning, the less impact it has and the less likely they are to take the matter seriously.

The real argument has more to do with due diligence, regulatory compliance, accidental data leakage and organised crime than anything else. Focusing on those arguments are far more likely to lead to change within the enterprise cloud security mindset.

I've been as guilty as anyone of suffering from OSS, AKA Obsessive Snowden Syndrome. However, it's time to stop.

There are far too many vested interests for it to continue, and I include myself and the rest of the technology media here, along with the primary defendant in the shape of the security vendors.

What Snowden did deserves our collective praise, and the increase of insecurity awareness as a result is important. Now, I would argue is the time to get back to basics and start remembering that it's all about the data. Secure that data effectively, and that includes having control and possession of your encryption keys, and you can ignore the hyperbole.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Leading the data race

The trends driving the future of data science

Download now

How to create 1:1 customer experiences at scale

Meet the technology capable of delivering the personalisation your customers crave

Download now

How to achieve daily SAP releases

Accelerate the pace of SAP change to support your digital strategy

Download now

Recommended

NSA warns smartphone users of ‘large scale data tracking’
privacy

NSA warns smartphone users of ‘large scale data tracking’

5 Aug 2020
Hundreds of thousands of Instacart customers impacted by data breach
phishing

Hundreds of thousands of Instacart customers impacted by data breach

23 Jul 2020
How to enhance your backup strategy
backup

How to enhance your backup strategy

27 Feb 2020
NSA hands serious flaw to Microsoft rather than use it
cyber security

NSA hands serious flaw to Microsoft rather than use it

15 Jan 2020

Most Popular

Windows XP source code allegedly leaked online
Microsoft Windows

Windows XP source code allegedly leaked online

25 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020