Welcome!

@CloudExpo Authors: Liz McMillan, Zakia Bouachraoui, Yeshim Deniz, Pat Romanski, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, Cloud Security, Government Cloud, @DXWorldExpo, SDN Journal

@CloudExpo: Article

Implications of NSA’s Violation of Privacy Rules for US Cloud Providers

Reports show the NSA violated its own privacy rules and overstepped its authority thousands of times in the past few years

New reports show that when the NSA was conducting its surveillance programs, perhaps including XKeyscore and PRISM, the agency was not following its own legal guidelines. These reports, based on internal NSA audit reports leaked via the "Snowden leak", showing the NSA violated its own privacy rules and overstepped its authority thousands of times in the past few years, will serve to further unsettle many enterprises abroad, even leading some to conclude that utilizing U.S. cloud applications is not worth risking unauthorized data access by the government and others.

Recent reports estimate this new hesitation to use U.S. cloud applications may cost providers more than $35 billion in the coming years. With new revelations that the NSA broke its own privacy rules, enterprises globally may find even more reason to hold back from U.S. cloud providers, potentially making the size of the impact even worse for U.S.-based cloud providers.

As we stated in a recent press release on the topic, when enterprises allow fears of surveillance to slow down or stop their adoption of U.S. cloud applications, it has the potential to put those enterprises at a competitive disadvantage to others in their industries - specifically in cases where they are "forced" to adopt a less beneficial/efficient cloud service for managing their business.

This is where I believe the PerspecSys award-winning cloud data protections gateway can - and is - playing a critical role. The gateway, which can utilize fips140-2 validated encryption modules and/or industry-validated tokenization approaches, secures data before it leaves an organization's control and leaves their trusted environment for processing and storage in U.S.-based cloud service providers. This takes the concern that we have been discussing in this blog completely off the table.

Here is a case in point: as highlighted in a recent article, a customer recently shared this about the use of PerspecSys' solution:

"We are not tokenizing just one or two fields for credit cards, we tokenize anything and everything. We won't send any client-related information outside of our firewalls. PerspecSys gives us peace of mind and enables us to take advantage of the cloud offerings that require us to have data outside the firewall."

- Director for Strategic Projects, Top 5 Global Bank

PerspecSys' view is that the key is control, that is, being able to keep sensitive data on premise and, before sending any information to the cloud, using tokenization or encryption to make that data meaningless to anyone who attempts to access that has not been authorized to do so by the enterprise.

Read the original blog entry...


PerspecSys Inc. is a leading provider of cloud protection and cloud encryption solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. Cloud security companies like PerspecSys remove the technical, legal and financial risks of placing sensitive company data in the cloud. PerspecSys accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. For more information please visit http://www.perspecsys.com/ or follow on Twitter @perspecsys.

More Stories By Gerry Grealish

Gerry Grealish is Vice President, Marketing & Products, at PerspecSys. He is responsible for defining and executing PerspecSys’ marketing vision and driving revenue growth through strategic market expansion and new product development. Previously, he ran Product Marketing for the TNS Payments Division, helping create the marketing and product strategy for its cloud-based payment gateway and tokenization/encryption security solutions. He has held senior marketing and leadership roles for venture-backed startups as well as F500 companies, and his industry experience includes enterprise analytical software, payment processing and security services, and marketing and credit risk decisioning platforms.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions need to be truly scalable. Far from it. There are at least six major pain points that companies experience when they try to deploy and run Kubernetes in their complex environments. In this presentation, the speaker will detail these pain points and explain how cloud can address them.
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-centric compute for the most data-intensive applications. Hyperconverged systems already in place can be revitalized with vendor-agnostic, PCIe-deployed, disaggregated approach to composable, maximizing the value of previous investments.
When building large, cloud-based applications that operate at a high scale, it's important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. "Fly two mistakes high" is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed how this same philosophy can be applied to highly scaled applications, and can dramatically increase your resilience to failure.
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by sharing information within the building and with outside city infrastructure via real time shared cloud capabilities.
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more than 24 years of IT Operations experience with a focus on highly-scalable architectures.