62 Percent Surveyed Say Government Snooping on Private Cloud Data
More than half of 300 senior-level IT and security pros said that government agencies are accessing corporate data in the cloud.
Calif.-based Voltage Security, conductors of the survey, said that this figure shows that organizations not only need to protect against malicious attacks, but from unwanted surveillance.
"Any sensitive information, including financials, customer and employee data or intellectual property needs to be protected across the entire lifecycle of that data. Any loss or exposure of that data can result in compliance or regulatory fines, loss of brand and reputation and, as the recent NSA events further validate, a loss of privacy around how we communicate and the content of those communications," said Voltage Senior Director Dave Anderson.
While the survey was conducted for marketing purposes for the security firm, its finding does line up with a recent in-depth report by the Cloud Security Alliance (CSA), a not-for-profit organization that focuses on advocating cloud security and best practices.
In the group's survey, 47 percent of worldwide respondents selected that when it comes to their government obtaining personal information through cloud services, " there is no transparency in the process and I have no idea how often the government accesses my information."
The agency conducted their poll after the recent reveal by whistleblower Edward Snowden publically disclosed information that the NSA was using secret court orders to obtain private information on foreign individuals through services provided by U.S.-based corporations including Microsoft, Facebook, Apple and Google in an operation called PRISM.
According to the survey, due to this recent disclosure, 56 percent of respondents were less likely to use U.S.-based cloud providers, while 10 percent said they have or plan to cancel all current U.S.-based cloud services.
When it comes to what can be done to migrate concerns of U.S. surveillance, 41 percent said that "The Patriot Act should be repealed in its entirety," while 45 percent believe the Patriot Act should be modified to provide transparency on how often and what manner it is being used. Thirteen percent said the Patriot Act was fine how it is.
As for those corporations that have already subpoenaed through the Patriot Act, an overwhelming 91 percent of respondents said that these companies should be allowed to provide summary information on what information was accessed.
Speaking on the results of the survey, Jim Reavis, co-founder and executive director of the CSA said this call for transparency by respondents falls directly in line with the cloud advocacy group's mission statement.
"Transparency has always been a significant part of the CSA's vision, and today this objective is more critical than ever," said Reavis. "Our goal with our research efforts, and with the CSA STAR program, is to continue to encourage transparency of security practices within cloud providers. By educating both consumers and providers of cloud services, we strive to provide the tools needed to make informed decisions that take advantage of all the benefits cloud computing has to offer."