Is your data safer in the cloud?

UNIVERSITY OF JYVÄSKYLÄ

Is your data safer in the cloud?

Professor of Practice Martti LehtoUniversity of Jyväskylä, Faculty of

Information Technology22.9.2016


• European Commission states, the benefits of the cloud services come from its economies of scale.

• The strategy states that if 80% of organisations will adopt cloud computing, a cost savings of at least 10-20% are to be achieved and also significant productivity gains are to be expected.

• The strategy outlines actions to deliver 2.5 million new European jobs, and an annual boost of EUR 160 billion to EU GDP (around 1%), by 2020 .

EU Cloud Computing Strategy


01.05.2023

Threats against Cloud Services

State sponsored

cyber espionage

Organized Cyber

criminals


01.05.2023

Cyber espionage can be defined as action aimed at acquiring secret information (sensitive, proprietary or classified) from private citizens, competitors, groups, governments and adversaries for political, military or financial gain by using illicit methods on the Internet or in networks, programs or computers.

Cyber espionage


01.05.2023

ECHELON, a signals intelligence (SIGINT) collection and analysis network was capable of interception and content inspection of telephone calls, fax, e-mail and other data traffic globally through the interception of communication bearers including satellite transmission, public switched telephone networks (which once carried most Internet traffic) and microwave links.

Cyber intelligence

PRISM (US-984XN) is a clandestine electronic surveillance data mining program launched in 2007 by the National Security Agency (NSA).


Google’s CEO Larry Page and David Drummond, Chief Legal Officer: “First, we have not joined any program that would give the US government — or any other government — direct access to our servers. Indeed, the US government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday.”

(Google Official Blog, 2014)

US company reactions after Snowden

Facebook CEO Mark Zuckerberg: “Facebook is not and has never been part of any program to give the US or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn't even heard of PRISM before yesterday.”

(Zukkerberg, 2014)


US company reactions after Snowden

Microsoft published their Statement of Microsoft Corporation on Customer Privacy: “We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.”

(Microsoft News Center, 2014).


01.05.2023

SORM (System for Operative Investigative Activities) is a technical system for search and surveillance in the internet. Launched 1996.

In July 1998 the system was replaced by SORM-2 to allow monitoring of the internet, in addition to telephone communications.

Russian Internet service providers (ISPs) must install a special device on their servers to allow the FSB to track all credit card transactions, e-mail messages and web use.

SORM-3 is the newest version and is capable collect all type of information.

‘Semantic Archive’ is a system, what the Russian security services and Ministry of the Interior (MVD) use to monitor open sources (i.e. the media) and the Internet, including the blogosphere and social networks.

Cyber intelligence


01.05.2023

Cyber espionage

Hacker teams

Marketing and analyzing department

Sales department

CustomersEspionage factory


01.05.2023

It’s not a new question but it’s just as relevant now as ever and perhaps more so.

Can anyone really say if it’s possible to be completely sure your data will remain secure once you've moved it to the cloud?

Is it safe from hackers, inept service providers and snooping government entities?

Encryption is a given, but where is your data stored and who holds the keys?

Should you be looking at Public Cloud, Private Cloud, Hybrid Cloud or Community Cloud?



01.05.2023

Our panel of experts will consider these questions and more as they debate the best course of action for any enterprise with concerns for the security of their data in the cloud.

• Magnus Westling, CTO at 24 Solutions• Ivan Kwiatkowski, Cybersecurity Consultant, AMIR

Consulting• Pasi Tyrväinen, Professor (Digital media), Director of

Agora Center, University of Jyväskylä• Mikael Albrecht, security specialist at the F-Secure Labs


UNIVERSITY OF JYVÄSKYLÄ JYVÄSKYLÄN YLIOPISTO

01.05.2023

Thank you