Feeds

Snowden leaks made us look twice at cloud suppliers – biz bods

Survey: Corporates putting cloud firms under closer scrutiny

Secure remote control for conventional and virtual desktops

Businesses are conducting more due diligence on cloud suppliers and demanding more localised storage of their data in the wake of reports about US surveillance activities, according to a new survey.

One in six businesses are also either delaying or cancelling cloud computing contracts in light of revelations about the alleged communications surveillance activities of the US National Security Agency (NSA), as leaked to the media by whistleblower Edward Snowden, according to the survey.

NTT Communications commissioned a survey of 1,000 IT decision makers from the UK, France, Germany, Hong Kong and the US earlier this year into attitudes to cloud computing post-Snowden. Of the respondents, 60% came from businesses with at least 1,000 employees from across the financial services, retail, manufacturing, professional services, IT and energy sectors.

"This report paints a picture of ICT decision-makers who wish to protect their company’s data even if it means delaying cloud computing projects that could deliver them much-needed flexibility and performance gains," NTT Communications said in its "NSA after-shocks" report (11-page / 761KB PDF). "[Businesses] want to guarantee the sovereignty of their data and reap the benefits of cloud computing. But they can only do so if they can specify exactly where and how their data is stored in the cloud."

Last summer former NSA contractor Edward Snowden began leaking details about the alleged scale and scope of the surveillance activities undertaken by the NSA. The information, which Snowden shared with the UK's Guardian newspaper among other global media outlets, has suggested that the NSA has had the capability to access data stored by some major US-based technology companies, including Google and Microsoft. The companies have denied giving 'back door' access to the information stored on their servers.

According to NTT Communications' report, 31 per cent of IT decision makers have decided to move their business data "to where they know it will be safe", following the Snowden coverage. More than half of the respondents (52 per cent) said their business was now conducting "greater due diligence on cloud providers than ever before".

"Keeping data in their own country was most important to German ICT decision-makers (32 per cent of respondents agreeing), followed by the UK (24 per cent) and France (23 per cent)," the report said. "By contrast, only 16 per cent of US respondents, and 17 per cent in Hong Kong took the same view."

More than a third of businesses (38 per cent) have also altered the procurement conditions they set when seeking a cloud provider following the Snowden revelations, according to the report, whilst 62 per cent of non-cloud users said that the leaks "have prevented them from moving their ICT into the cloud".

The survey also revealed raised concerns about data protection among businesses.

"Nearly three-quarters (72 per cent) of ICT decision-makers polled said they would revisit every cloud and hosting arrangement to ensure data protection, if they had the necessary time and resources," NTT Communications' report said. "Almost nine in ten (86 per cent) of US respondents held this view, as did three quarters (75 per cent) of French respondents. German, UK and Hong Kong respondents agreed but less so (65 per cent, 62 per cent and 62 per cent respectively)."

"The Snowden revelations have also made ICT decision-makers more aware of the need to have detailed knowledge of data protection rules. 84 per cent of ICT decision-makers globally believed they need training on data protection laws and security rules in the territories their businesses operate," it said.

Last year a US think tank said that US cloud providers could lose between $21.5bn and $35bn over a three year period in the wake of the Snowden revelations.

Copyright © 2014, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
Turnbull should spare us all airline-magazine-grade cloud hype
Box-hugger is not a dirty word, Minister. Box-huggers make the cloud WORK
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.