It’s about time we acknowledge a truth. Due to Edward Snowden, the NSA and corporate data intrusion, it’s about time we acknowledge a truth about colocation, Cloud hosting and data center security. With recent revelations, it’s about time we hear at Quotecolo.com and data center providers in general openly state where we once thought data center security was full proof, it isn’t.
This isn’t to say data center providers and colocation hosting companies aren’t constantly working to improve security measures and implement analytics to prove security successes. They are. The only problem? The NSA along with corporate tech giants like Facebook, Yahoo and Google are one step ahead of data center and colocation providers.
In a recent series of articles printed by The Washington Post, it was revealed that the NSA had infiltrated major data center carriers and providers by hacking into private fiber connections connecting various data centers to one another. By doing this, the NSA along with the British GCHQ, had free and unfettered access to the traffic moving across those private fiber lines.
While this is scary enough, what are worse is data center providers and colocation hosting companies couldn’t locate why they were seeing inconsistencies in their security data. Another way of saying this: the NSA and the GCHQ did such a good job at masking their data center private fiber line infiltration that data center providers had no idea they had been hacked. Through the program code named Muscular, the NSA and the GCHQ hacked into the private fiber lines of industry leading infrastructure/security providers without the providers understanding the extent of infiltration.
As noted by Wired noted:
“In one sense, the news cleared up a mystery that had been baffling the companies. ‘It provided us a key to finally understanding what was going on,’ says Microsoft’s general counsel, Brad Smith. ‘We had been reading about the NSA reportedly having a massive amount of data. We felt that we and the others in the industry had been providing a small amount of data. It was hard to reconcile, and this was a very logical explanation.”
As further noted by Wired:
“’At first we were in an arms race with sophisticated criminals,’ says Eric Grosse, Google’s head of security. ‘Then we found ourselves in an arms race with certain nation-state actors [with a reputation for cyberattacks]. And now we’re in an arms race with the best nation-state actors.’ Primarily, the US government.”
So again, we state it is time data center providers, colocation hosting firms and IT infrastructure suppliers openly admit their security protocols aren’t as strong as they once previously thought.
With this admittance, companies can begin the process of understanding why their internal security protocols failed and how to course correct. As noted by Wired, since The Washington Post articles, Google has been moving to fast track encryption on data moving across public networks and traveling within their data centers.
We know it behooves us not to mention this. As a company founded on provided the best colocation, web hosting and Cloud hosting reviews/insights, we know mentioning this undermines your trust – the consumer – in the data center industry. It could be argued that way. It also could be argued we, along with every other colocation and Cloud firm, needs to come forward with this information to act as collective whistle blowers. Every IT firm needs to address this concern so we can begin the process of making our collective security controls that much stronger and that much more trustworthy.
Without a public outing, without a public outcry from Cloud hosting companies and colocation consumers alike, nothing will change.
It’s about time we own up to data center security issues and begin the work of rectifying those concerns.