mostly in English, sometimes in Deutsch

Swiss Telecom Plans Cloud Service Hosted Entirely Within Switzerland

[copied from SANS security newsletter, http://www.sans.org/newsletters/#newsbites

 –Swiss Telecom Plans Cloud Service Hosted Entirely Within Switzerland (November 3 & 4, 2013) Swiss telecommunications company Swisscom plans to establish a “Swiss cloud” that will be hosted entirely within that country. The goal is to prevent the NSA and GCHQ from snooping on communications.  (Swisscom is majority-owned by the country’s government.) Switzerland already has stringent data privacy laws in place, which is why companies that provide secure communications services use data centers there.

Prosecutors must obtain court orders before conducting surveillance.

http://www.theregister.co.uk/2013/11/04/switzerland_to_set_up_swiss_cloud_free_of_nsa_snooping/

http://www.v3.co.uk/v3-uk/news/2304738/swisscom-plans-swiss-cloud-to-hide-data-from-prism-spies

http://arstechnica.com/business/2013/11/swiss-telecos-cloud-aims-to-draw-customers-who-are-fearful-of-spying/

http://www.reuters.com/article/2013/11/03/us-swisscom-cloud-idUSBRE9A209S20131103

[Editor’s Note (Pescatore): Just a few months ago Swisscom had to acknowledge a security breach when backup tapes containing customer and corporate sensitive information were stolen and given to a newspaper.

And one year ago the Swiss Intelligence NDB admitted an insider had exported classified counter-terrorism intelligence information and they noticed this when the Swiss bank UBS notified them after UBS traced an attempt to open a new, numbered bank account to the IT technician. Seems like data and bank activity might not be risk-free in Switzerland.

(Murray): When their banks began to cooperate with the US IRS, the Swiss surrendered the historic trust on which such an offering as this might have been based. Those who want confidential communications or storage must rely on private encryption.  One can no longer trust any institution for a result that one cannot verify intraday.

(Northcutt): I think the NSA thing is a bit overdone; they have been cast in the role of the Highlander, able to hear and process all of the world communications. However, cloud storage and processing does need to be taken seriously from a privacy perspective. I really like the University of Delaware policy. It is subtle, but they clearly get it:

http://www.udel.edu/it/security/facultystaff/cloud2.html ]

 

[end copy]

Funny how the (mostly American?) commenters @SANS downplay the relevance/power of the NSA. Give me a break please; this *should* and *will* have consequences as European business will think twice about whether they should host their data in a US company which is subject to US law. IMHO this is rather good as it might allow Europe to stop its sleep in IT and go after some of that business.

 

Tagged as: ,

Categorised in: InEnglisch, NSA, Politics/Politik, Technology

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: