IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Why the security industry must stop the Edward Snowden scaremongering

Davey Winder argues that it's time for the security industry to stop fixating on the Edward Snowden's revelations

Edward Snowden picture

An email arrived in my inbox this week with the 'revelation' that Dropbox had complied with 268 law enforcement and government agency requests since January 2014.

Of those, only 91 of the customers concerned were informed regarding the legal process leading to this examination of their data. So far, so interesting, although not particularly surprising, as this kind of data privacy issue has been big news ever since the first trickle of Edward Snowden leaks began last summer.

It was also no surprise the email then went on to warn me that "many other cloud and data storage providers are receiving these kinds of requests every day," and - here comes the PR payload - there is "a way for cloud providers to extricate themselves from being in bed with the Feds."

That route involves customer-managed encryption keys.

While I happen to think that retaining control over encryption keys is a very good idea indeed, and have explained why very recently over at our sister publication Cloud Pro, I don't think it's all about Edward Snowden, Big Brother or the FBI knocking on your data storage door with a feather either.

Hanging the key management argument just on the spy scandal hook is, in my opinion, becoming increasingly dangerous. Mainly because the more people read this reasoning, the less impact it has and the less likely they are to take the matter seriously.

The real argument has more to do with due diligence, regulatory compliance, accidental data leakage and organised crime than anything else. Focusing on those arguments are far more likely to lead to change within the enterprise cloud security mindset.

I've been as guilty as anyone of suffering from OSS, AKA Obsessive Snowden Syndrome. However, it's time to stop.

There are far too many vested interests for it to continue, and I include myself and the rest of the technology media here, along with the primary defendant in the shape of the security vendors.

What Snowden did deserves our collective praise, and the increase of insecurity awareness as a result is important. Now, I would argue is the time to get back to basics and start remembering that it's all about the data. Secure that data effectively, and that includes having control and possession of your encryption keys, and you can ignore the hyperbole.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

US gov issues fresh warning over Russian threat to critical infrastructure
cyber warfare

US gov issues fresh warning over Russian threat to critical infrastructure

12 Jan 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
The benefits of a hardware update for SMBs
Sponsored

The benefits of a hardware update for SMBs

2 Aug 2022