Surveillance reports prompting move to boost cloud and data centre security

Out-Law News | 06 Jan 2014 | 4:59 pm | 1 min. read

Cloud and data centre providers are being forced into upgrading the security of their IT infrastructure as a result of revelations about intelligence gathering, according to a market research business.

Infonetics Research said that stories about the operations of the US' National Security Agency (NSA) had caused "panic" within the cloud computing and data centre industries.

"The primary concern right now among service providers operating data centres is getting the security infrastructure to match the performance of the network infrastructure,” Jeff Wilson, principal analyst for security at Infonetics Research, said. "When it comes to protecting data centres, nothing drives service providers to invest in security solutions more than the performance requirements driven by infrastructure upgrades and the increasing size and scale of attacks."

"The recent disclosures about the NSA ... are causing a new wave of panic, forcing cloud and data centre providers to feverishly shore up their networks and systems," he added.

Last summer whistleblower Edward Snowden, a former employee at the NSA, released confidential documents that revealed details of how the agency allegedly uses a computer programme called 'Prism' to access data stored by major technology companies. Subsequently, other documents leaked by Snowden have detailed a number of other revelations about the apparent scale and scope of the agency's intelligence gathering.

The issues have prompted a debate about the privacy of information held by US companies. In Europe in particular there has been debate over how US companies operating in the EU can be compliant with data protection rules in the trading bloc whilst being subject to data disclosure requirements under US law.

According to IT market analysts and advisors International Data Corporation (IDC), spending on security products and services grew 6.6% to $624.9 million in Europe, the Middle East and Africa (EMEA) in the third quarter of 2013 relative to the same period in 2012. It said that for the first nine months of 2013, the market in the region grew 4.2% from the same period the previous year, with Cisco the largest supplier.

Infonetics Research surveyed data centre or cloud computing providers in North America, Europe, the Middle East and Africa (EMEA) as well as Asia on their data centre security strategies. It said many of the respondents are "planning serious spending on good old-fashioned firewalls" as a result of planned upgrades to their IT infrastructure and interfaces. Installing systems that can prevent distributed denial of service (DDoS) attacks is also a "top priority", it said.

DDoS attacks typically involve hackers using malware-infected computers to bombard systems with such large amounts of traffic that they cease to function.

However, a recent report by German publisher Der Spiegel claimed that the NSA can access data protected by some popular security products because the agency has "burrowed its way into nearly all the security architecture made by the major players in the industry", including Cisco.