Data Privacy alert!

Fresh in from The Register:

Events
How the CLOUD Act affects your company's data
15th April 2020. 11am
Combating the threat to privacy, and complying with GDPR
reddit

Twitter

Facebook

linkedin
your_companies_data
Warning: your company's data may be at risk if you don’t watch our RegCast.

The US CLOUD Act allows federal law enforcement to access electronically-stored communications data located outside the United States stored on the servers of all the major US cloud companies, even if those servers are outside the US, provided that the information they seek is relevant to a criminal investigation.

If the Feds use this method to nose into your data, anywhere in the world, they don’t even need to tell you. It’s not something that the cloud companies are keen to make a fuss about with their non-American customers, for obvious reasons.

Hey, you say, I’m protected by the GDPR! True, any cloud provider that complies with US law risks breaching the GDPR too. But, if push comes to shove, will your cloud provider side with you, or with the US government?

If all this makes your blood run cold, we’ll try to warm it up a bit with our latest RegCast. We’ll be explaining:

whether your data (or your customers' data) is really as safe as you thought it was
why the Act means you might not be GDPR compliant after all
what you can do about it
In the studio with Tim Phillips will be Sab Knight of IONOS, and Robert Healey of Relentless Data Privacy.

By viewing this webinar, you agree that you have read and accepted our Terms and Conditions, our Privacy Policy and our Cookie Policy.

I remember when all this fancy cloud storage started becoming a thing in the 2000's, and I thought then, it was a bad idea. In the 90's, I learned of the dangers of virus's, and hackers, so naturally, I knew that it was a dangerous proposition to store data on online servers, which could easily be hacked! Also, keep in mind that identity theft has been on the rise over the last decade, and all your really doing is making it easier for them to steal your identity, by putting your data on a cloud server.

I recently found out that ProtonMail is going to be starting up their first, supposedly secure, cloud server very soon. The only way that they would be able to prove to me, that their new cloud server is 100% secure, is if government has no access to it, including nobody else. Anybody who caters to their governments every whim, obviously doesn't have your security at heart. When you look at ProtonMail's EULA, it does state in their that they will cooperate with law enforcement, which is a part of the government.

At this point I don't really know what to think when it comes to PM. However, when it comes to other's that are well known for NOT being secure, I have plenty to think about them, NOT TRUSTWORTHY are the words that come to mind. And all these past years of hackers hacking into many companies systems have proven, that none of them are secure! Truth is, when it really comes down to it, anything you put on the internet is not secure.

Honestly, cloud storage started making less sense, when you could start buying 8TB hard drives for 150 dollars. No cloud storage that I am aware of offers 8TB of data storage! And the beauty of having your own storage drives is, you know exactly where they are, you can choose to have the hard drives online or offline depending on your needs, and can protect them against natural disasters, if one was to present itself.

star treker wrote:Truth is, when it really comes down to it, anything you put on the internet is not secure.

Yep.

star treker wrote:Honestly, cloud storage started making less sense, when you could start buying 8TB hard drives for 150 dollars. No cloud storage that I am aware of offers 8TB of data storage! And the beauty of having your own storage drives is, you know exactly where they are, you can choose to have the hard drives online or offline depending on your needs, and can protect them against natural disasters, if one was to present itself.

If you want total security, you need a separate machine that is isolated entirely from a net connection. That's the short of it.
There are pros and cons of a Cloud. A ten billion terabyte HDD can still fail on you. You end up buying two- one as a back up and one as a back up for the back up. Using the cloud eliminates that as Cloud Storage uses multiple backups (part of why it is expensive). Cloud storage also copies your data on each back up. When you back up, you must ensure you back up to the back up and back up the back up and it is a PITA.
I think Cloud storage is fine for regular use and frankly, even if I am politically protective of privacy, I really do not care if the government or Google is looking at pictures or documents I have in storage as the vast majority of it is often seen publicly, anyway.
For things I REALLY want secure, like financial records etc., I use a separate drive that plugs in, and unplugs when not in use. And yes, the PITA Back up to that back up applies, but at least I am only backing up sensitive material, not EVERYTHING.