How to Avoid Security Risk Posed by US Cloud Services

It’s still hard to believe, but cloud providers from the USA pose a security risk to our data. The reason is the direct access regulations of the US CLOUD Act and the possibilities granted by executive orders, that is, specific political directives that can target individual companies.

These regulations apply even when the cloud servers of hyperscalers like Amazon, Google, and Microsoft are located within the EU. As US companies, their operators are subject to US law. This law simply extends into our jurisdiction and has little to do with our understanding of data protection. This remains true even if—like Microsoft now advertises—special European solutions are included in the portfolio. Legally, they are ineffective.

The same regulations also apply to companies and start-ups that are (co-)financed by venture capital investors from the USA. Since these (co-)owners are subject to US law, the entire company falls under US regulations through them.

Risk of Data Loss

One risk is industrial espionage, which is made remarkably easy by US regulations. Although it would be possible to file a lawsuit in such cases, data that has leaked remains lost, and any potential knowledge advantage is gone.

Additionally, cloud providers can be instructed to restrict or completely block user access. This could paralyze entire companies and administrations, including federal agencies and operators of critical infrastructure (KRITIS), at the push of a button. A nightmare scenario.

Ways to Protect Yourself

However, companies in the EU are not defenceless. There are two fundamental ways to ensure security for yourself and your company, even in the cloud context:

Use cloud providers from the EU.
Become self-sufficient with an own-cloud solution.

A third way—either in parallel or as an alternative—is to rely on applications and solutions that are intelligently designed and work excellently with large amounts of data, even with limited bandwidth and standard hardware. Huge bandwidths and high-performance servers are not necessary for them, as even with basic resources, they ensure a smooth and efficient workflow.

With such applications, it is even possible for users to display point clouds and BIM models directly on a tablet PC when they are on-site at a facility. An own-cloud solution is also easily possible with them. One application that achieves this, for example, is speedikon VIP.

Picture: ASolano/Freepik.com

You Might Also Like

speedikon Technology Days: Extensive AI enhancements and many innovations in detail

The Best CAFM And IWMS Software

CAFM and ESG – A Deam Team