If you haven’t noticed, there has been a lot of controversy about the recent discovery that companies or individuals are prone to having their activities monitored by the US intelligence services. This is allegedly done under the code name PRISM and again allegedly involves some deep integration with large cloud companies, although many are denying the extent of their participation and service integration.
If the rumours are to be believed, then everything from Google through to Skype and full-blown Windows OS may have some snooping capability built in. So what can you do to protect yourself? Here are the top five things you should consider as a company and as an individual:
1. Run your own private data cloud
Install your own Cloud File Server, use it with your own data, and auditing/governance monitoring, from desktop and mobile clients. It’s behind your firewall and under your control. In short, own your own data.
2. Encrypt your data
If you have to use public cloud services encrypt your data. SME provides streamed 256-bit SHA-1 AES encryption in which you keep the private key. Additionally consider desktop encryptors such as TrueCrypt and BoxCryptor.
3. Consider an alternative non-tracking search engine
DuckDuckGo, for example, enables anonymous searching and offers other privacy features.
4. Use an anonymous proxy that hides your IP address
Tor (originally short for The Onion Router) is free software, available for desktop and mobile clients, for enabling online anonymity. Tor directs Internet traffic through a free, worldwide volunteer network consisting of thousands of relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis. Also don’t forget many ways exist to identify you, even if the IP address is ‘randomised’. Either delete your browser cache, history and cookies etc. or consider using anonymous browser sessions or extensions or add-ins that prevent browser cookies or tracking.
5. Consider the locality of your data
If you are in the UK or EU do you really want your data hosted in the US and subject to the Patriot Act. If you are in the US (or anywhere in the world) consider point 2 strongly. A private cloud can offer just as many benefits as a public cloud. An often trotted out phrase is that “if you are doing nothing wrong you have nothing to fear”. With that simple phrase vanish personal freedoms and liberties built up over hundreds of years from the likes of Thomas Paine onwards.