The best defense against surveillance in the cloud is strong locks, says Amazon CTO Werner Vogels by Mathew Ingram.
From the post:
Although fear of government surveillance has made Amazon’s job more challenging when it comes to selling the benefits of cloud data storage, Amazon’s chief technology officer Werner Vogels told attendees at the Structure conference in San Francisco that the company continues to see strong growth in demand both inside and outside the United States, and it is responding to customers concerns about surveillance by stressing two things: strong encryption and the control that Amazon and its AWS infrastructure give to users.
Vogels described how Neelie Kroes, digital commissioner for the European Commission, said in a recent speech that no matter what regulations countries have around privacy or surveillance, hackers and spies will always try to get around them, and so the best defense isn’t a good lawyer, it’s a good lock — and Amazon “has the best locks,” Vogels said. “The point is that the customer needs to be in control of their data, and we give them full confidence that no one is going to access their data but themselves.”
…
You may enjoy the interview if you are looking for reassurance. If you are looking for security advice, drive on.
One example to rebut the “strong lock” argument. The NSA no doubt has pages of protocol about sysadmins changing their passwords, etc. So from a lock standpoint, the NSA had some rocking locks!
Except, some of the key holders to the locks decided to share their keys. Oh.
Locks are only one part, an important one but still just one, of a complex of measures that define “security” for an entity.
Anyone who says differently, is selling you a partial solution to your security problems.