Many reading this are probably already well aware of the damaging news the super-secretive National Security Agency suffered recently, when details about the NSA’s PRISM program was leaked by former NSA IT contractor, Edward Snowden, who alleged that the agency collects and stores phone records of millions of Americans. Much more hair-raising were the follow-up articles from The Washington Post and The Guardian, claiming that PRISM gives the NSA unrestricted access to the servers of Internet giants like Apple, Facebook, Google, and Microsoft.
Even though there is much debate as to what’s real and what’s being embellished with the NSA’s data collection program, there’s no doubt that the issue of privacy is going to be pushed front and center for the foreseeable future. I’m also starting to hear some rumblings in IT circles about the cloud and some making the connection that if the NSA can snoop the servers of the Internet giants, it can certainly gain access to many, if not all, cloud data centers. What’s more is the fact that if the NSA can suffer a “data breach,” how much more likely could a cloud provider compromise your customers’ sensitive data? Following are a couple of points to keep in mind as you prepare to field questions from existing clients and new prospects.
1. SSAE 16-Audited Data Centers Have Better Security Than Most Companies
In order for a cloud data center to pass an SSAE 16 audit, it has to demonstrate several levels of data protection not only with its servers, but with the physical security that surrounds its data center. Unlike the NSA debacle where a concerned contractor was allegedly able to copy files onto a USB drive and capture all sorts of incriminating information, most cloud data centers have much stricter controls in place to prevent this from happening as well as SLAs (service level agreements) guaranteeing as much. It’s been shown time after time that the level of security provided by most cloud providers far exceeds what any company can provide at its own facility.
2. Encryption Is The Key To Peace Of Mind
What some customers don’t realize is that even if a cloud provider had a highly intelligent rogue employee who was able to bypass the provider’s video surveillance and internal security systems and steal data (highly unlikely), or if they were required to turn over data to the NSA, if the data on the cloud servers was encrypted, the data would be unreadable. This is an important point because it addresses security concerns from hackers, rogue employees, as well as secretive government agencies.
Instead of being fearful that news like the NSA’s PRISM program could hurt your cloud sales, take this as an opportunity to educate customers and help them put things in perspective. When they look at the facts, it should become apparent that the cloud is one of the most secure places for their data.