Do Local Laws Belong In a Global Cloud? Q&A with Brad Smith of Microsoft (Part One)

Adam Segal, Net Politics,  Wednesday, August 26, 2015

In light of the significance of this case for U.S. consumers and businesses, and the impact that its outcome could have on the privacy of digital communications, Brad Smith, executive vice president and general counsel for Microsoft, took the time to answer some questions regarding the case and what its outcome might mean.

Trust and verify: Managing the cloud abroad and at home

Kevin Fitfal and Steve Orrin, GCN,  Wednesday, August 26, 2015

Federal IT professionals used to be able to depend on keeping their information safe in secure on-premise data centers, but times have changed. Traditional data centers could be depended upon for consistent control, visibility and security, but today’s cloud-based centers offer new variants of those capabilities – a fact that IT administrators struggle with every day. This is particularly problematic for those managing two adjuncts of today’s cloud-driven environment: geographically dispersed servers and emerging OpenStack deployments. Both pose their own unique challenges, including the need for assurance that systems are adhering to location-specific laws and security concerns in general.

Microsoft Beefs Up Azure Virtual Machine Cloud Backups

Pedro Hernandez, eWeek,  Tuesday, August 25, 2015

Microsoft has upgraded its Azure infrastructure-as-a-service (IaaS) virtual machine backup service, providing enterprises with more headroom as they implement their cloud-based data protection programs, the company announced. "The new set of features includes support for virtual machine backup with more data disks, long-term retention and more," said Trinadh Kotturu, a program manager in Microsoft's Cloud and Enterprise group. "These features strengthen Azure Backup's ability to back up Azure IaaS virtual machines in a simple and reliable way." The service now supports virtual machines (VMs) that span "16 data disks in addition to the OS disk," he noted. Customers also can expect more predictable backup times as a result of the new enhancements and optimizations.

Five Reasons for Leaving Your Data Where It Is

Markus Rex, Datanami,  Tuesday, August 25, 2015

As cloud adoption continues its meteoric ascent, the number of access points to enterprise data also increases. And while keeping data on premise is no guarantee of security, it does drastically reduce the number of access points. But the case for keeping data on premise goes far beyond a common sense security and risk mitigation play that tells us the fewer servers our data runs through, the safer it is.

DISA’s best practices for cloud migration

Mark Pomerleau, GCN,  Saturday, August 22, 2015

The Defense Information Systems Agency recently released “Best Practices Guide for Department of Defense Cloud Mission Owners” for those planning to migrate existing systems from physical environments to the cloud. The guide follows the release of three other documents in July regarding cloud computing security requirements.

The Microsoft Case

Tracy Mitrano, Inside Higher Ed,  Friday, August 21, 2015

The United States must look creatively forward to ratifying treaties and other legal instruments that would bring a judicious rule of law to legal access of electronic information internationally. But our country cannot do so with a straight face until it sets its own house right. Let us find a path back to the basics of civil liberties established by our Founding Fathers. And let’s us do so in the name of both civil liberties and national defense.

Azure Government Achieves Significant Compliance Milestones

Tom Keane, Microsoft Azure Blog,  Wednesday, August 19, 2015

In April Microsoft announced four new industry certifications for Microsoft Azure – CDSA for the digital media and entertainment industry, FISC for Japanese financial services organizations, DISA Level 2 for the US defense sector, and MTCS Level 3 for the Singapore government. Today I’m excited to share another four milestones specific to Azure Government:

Who Owns Your Email? An Interview With Brad Smith, General Counsel Of Microsoft

Jeff Bennion, Above the Law,  Tuesday, August 18, 2015

There’s no question that a valid U.S. search warrant applies to physical evidence in the U.S. – like that in a house – or digital content in the U.S. – like that in a data center. But the law and longstanding practice are clear that in the physical world, search warrants stop at a country’s borders, and the U.S. government can’t search a house abroad without going through the local government. The question in our case is whether a U.S. warrant can apply to digital communications that are stored in a data center located in another country.

The quiet battle for privacy in the cloud

Dan Horowitz, The Hill,  Monday, August 17, 2015

Recently, a Federal Judge in New York was convinced by lawyers from the Obama administration that international agreements and the Fourth Amendment were simply minor impediments to be brushed aside at the behest of the Department of Justice (DoJ) and their insatiable desire to have automatic access to any electronic data U.S. citizens and companies possess. How is this possible? Why have very few people heard of this? Why aren’t the Netizens up in arms over it?

Backdoors Won't Solve Comey's Going Dark Problem

Bruce Schneier, Schneier on Security Blog,  Saturday, August 15, 2015

At the Aspen Security Forum two weeks ago, James Comey (and others) explicitly talked about the "going dark" problem, describing the specific scenario they are concerned about. Maybe others have heard the scenario before, but it was a first for me. It centers around ISIL operatives abroad and ISIL-inspired terrorists here in the US. The FBI knows who the Americans are, can get a court order to carry out surveillance on their communications, but cannot eavesdrop on the conversations, because they are encrypted. They can get the metadata, so they know who is talking to who, but they can't find out what's being said.