"The NSA and other intelligence agencies are good at gathering intelligence," said Richard A. Clarke, a counterterrorism expert, at a keynote address at the Cloud Security Alliance Summit in RSA2014 this week, according to foreign media reports, Richard. They have the potential to create a state of police surveillance. " Clark is a former national coordinator of security, infrastructure protection and counter-terrorism in the United States, and has served as President of the United States as adviser to President Ronald Reagan.
RSA2014: Counterterrorism experts talk about the NSA's 10 impact on cloud security (Pictures from seen.co)
Since many countries in the world have such monitoring techniques, the task of controlling these technologies is more important than the technology itself. He noted that the NSA had the following 10 major implications for cloud computing security:
1. There is no link between policy makers and their desire to gather information and the actual collection of information. If they want to gather intelligence, they will take all the means they can think of to gather information. Senior decision-makers must be very specific about what information they want to collect and what they need, and what they don't allow us to collect. Mr Obama's response is that our ability to collect such information does not mean that we should collect such information.
2. The NSA has done a good job of attacking, but it is very bad in terms of the security of its own network. The lesson here is that it's a good record when you say you want to use perimeter defense mode. However, you have to implement this defensive mode, but also to increase the good internal security.
3. U.S. companies are losing market share in Europe, the Middle East and north and south, as a result of the NSA surveillance scandal. This is the result of public policy mistakes.
4. One reason for the decline in U.S. market share is that non-companies use the NSA surveillance scandal as a marketing tool. Some Asian companies say they do not buy American products because the NSA may install eavesdropping devices in those products.
5. Governments around the world, especially European governments, are using the NSA surveillance scandal to expose the concept of data localization.
6. Any real solution that concerns the hacking of databases and cloud services is irrelevant to the location of the server, and the solution is to encrypt the content in the cloud.
7. To effectively protect data security, users need to encrypt data in the process of data transmission, use and storage. This means that the encryption standard must be trustworthy.
8. The United States Government should notify everyone immediately of the discovery and knowledge of the security vulnerabilities of 0. This should be a general policy. But the United States government has not done so.
9. If we implement information democracy, we need a strong and independent regulatory Commission on privacy and civil liberties. This committee has the right to see everything.
10. These issues are not a concern for the United States. Clark says the United States is not the only country to implement surveillance. We are just the best countries to date. We need some international standards. The U.S. government says it does not attack the country's financial system. This is a good starting point.