The 'Snowden Effect' and How It's Changed Enterprise Security Forever
by Shirish Phatak on November 22, 2015
One of the most well-recognized whistleblowers in history, IT contractor Edward Snowden came forward in 2013 to reveal a massive program (PRISM) by the NSA to spy on American citizens, private businesses, and foreign governments. The aftermath of these revelations has caused what the media has dubbed the 'Snowden Effect'. The Snowden Effect includes the reaction and repercussions of this whistle-blowing event.
Obviously, these reactions and repercussions include accusations from the NSA and other government officials, as well as a response from businesses, foreign governments, and private citizens. However you feel about Snowden's actions, the NSA PRISM program, and the political and social aspects of the event, the effects on the enterprise are quite clear. Here is how Edward Snowden changed enterprise security forever.
Enterprises Aren't Just Worried About Hackers Anymore
Businesses can no longer assume that their sensitive data and private communications are not available to government agents who are spying on them.
Before Snowden's allegations, private enterprise believed that its greatest security threat came from hackers. Now -- in addition to hacktivists, ransomware, malware, corporate espionage, identity thieves, and data breaches -- enterprises also have to worry about their own government spying on them. What of their proprietary secrets and business intelligence does the government have?
Snowden's Revelations Strained International Relations
Some nations didn't take too kindly to being spied on. There has been a bit of a backlash on the US from various governments that take privacy and data security more seriously. Though this is far from being the only issue that troubles US foreign relations, it has added a measure of distrust to some international business dealings, and American enterprises sometimes bear the brunt of the suspicions foreigners have for the US.
Snowden Brought to Light the Seriousness of the Insider Threat
Edward Snowden is a hero to some and a traitor to others. But to all, he represents the very epitome of an insider threat. Snowden is what can happen when an employee decides, whether rightly or wrongly, that (s)he doesn't approve of what the organization is doing. Over a period of time, Snowden collected lots of data and hard evidence of the NSA's questionable activities. This could just as easily have been an employee taking the sensitive intel or proprietary data to a competitor or making it public over the Internet.
Snowden Made the Public More Aware of Privacy & Security Concerns
Before Snowden, John Q Public wasn't quite so freaked out about their private data. Again, Snowden isn't responsible for all of the change. The seemingly endless bout of data breaches has taken a toll on the public's trust, as well. But consumers are more aware than ever that companies and other organizations hold, share, and can potentially leak their personal information.
Snowden's Revelations Called Into Question the Use of Cloud & Mobile Technologies
The US government has since been wishy-washy in terms of the exact extent to which the Patriot Act can be used to justify spying on private industry and its citizens. Snowden is equally unapologetic for his role in uncovering PRISM.
Since the NSA used data from telecommunications companies to spy, the use of mobile and cloud technologies is more under scrutiny since the awareness of PRISM. Companies can't assume that their private phone calls, emails, text messages, etc. are safe from prying eyes. Is their CEO's conversation with the head of R&D or his finance VP being recorded? Is someone getting access to the financial documents or secret plans for expansion that have been stored in the cloud?
Fortunately, enterprises do have options for centralizing data so that it can be better monitored and kept secure. Solutions like Microsoft Azure give enterprises a solid, reliable, trustworthy solution for data centralization, while products like CloudFAST™ make the data available across the organization in a secure and trackable fashion. Can these products erase the Snowden Effect for good? Perhaps not. But these are good first steps toward moving forward.