Wednesday, 23 May 2012 16:01

IBM Blocks DropBox, iCloud, Siri, and more Cloud Services over Security Concerns

Written by

Reading time is around minutes.

News_manstealingdataTwo days ago we wrote an article that stated quite plainly that confidence in cloud services is actually beginning to fade as security and privacy concerns mount. At the time we talked very briefly about one of the leading reasons for the push to the cloud. That is “ownership” of your data in all of its forms. We are not just talking about files here though. We are talking about ALL of your data. This includes companies like Facebook, Google, Bing, and more. They want your information because it is worth money to them.

The odd thing is that while companies like AMD, Microsoft and Apple see tremendous value (and revenue) from the cloud we are seeing a trend for other corporations to pull away from these same services. We have learned that IBM has now banned two very common cloud based services due primarily to security concerns.

The first of these we have talked about before and since its creation we have worried over this little application. We are talking about DropBox. In the last three companies I have worked for this program was banned and the service blocked inside the network. One of the biggest reasons is that DropBox defaults wants to use your My Documents folder as its local repository. This means that ANYTHING you put in there automatically gets pushed up to their servers. At that point, they have you.

Now as we have pointed out in theory (and groups like Anonymous have pointed out in fact) the internet is a scary and dangerous place. There are no 100% secure systems, anything that can be locked can be unlocked… I could go on for hours with anecdotes and quotes like this. The simple fact is that if you put your documents on someone else’s servers you no longer have control over them. These can be potentially read by an intruder or even by employees of the company through internal systems (and yes that is VERY possible).

Because of this more companies are building their own private cloud services internally to make sure that the files stay put and (although there is still a risk of attack and intrusion) they have control. One major company to do this is IBM, but there are other examples of DropBox being blocked. I have personally consulted on different ways to do this to prevent theft and loss of data.

Now IBM has additional reasons for this; since they have begun to allow people to bring their own personal devices to work they are now facing even larger security concerns from Malware, and also people having personal accounts for services like DropBox, Apple’s iCloud, SkyDrive, Google Drive and more. They, like many other companies are backing away from “foreign ownership” of their data.

The second app that has reached the point of disabling is Apple Siri. Apparently Apple claims ownership of anything you say through Siri (Samsung also does this with S-Voice as does Vlingo). In the Software License Agreement it states quite clearly;

“When you use Siri or Dictation, the things you say will be recorded and sent to Apple in order to convert what you say into text and, for Siri, to also process your requests. Your device will also send Apple other information, such as your first name and nickname; the names, nicknames, and relationship with you (e.g., “my dad”) of your address book contacts; and song names in your collection (collectively, your “User Data”). All of this data is used to help Siri and Dictation understand you better and recognize what you say. It is not linked to other data that Apple may have from your use of other Apple services. By using Siri or Dictation, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information, including your voice input and User Data, to provide and improve Siri, Dictation, and other Apple products and services.”

This is sort of concerning. So if you were to dictate a response to confidential email Apple will be keeping that information on Apple’s servers. This brings up a whole new area of legality for the way Apple collects information. Does this also violate Doctor/ Patient and Attorney/Client communications laws? While we are certain that Apple’s lawyers went over this SLA we have seen where companies try to slip wording like this into their agreements (Google has been caught at it twice).

Now before someone says that I am anti-Apple or jumps onto the “I Hate Apple” bandwagon it is important to note that Samsung’s new S-Voice does this as do almost ALL voice command services on mobile devices. This is a worry for many IT departments and one that was big enough for someone to outright block it on Apple devices used inside their network. Again this was IBM who expressed concerns that consumers (meaning their employees) were not aware of the way many of these services worked and therefore did not know that the information they put into them was at risk.

We have said it before (too many times to count) and we will say it again, the cloud is not the wonderful place that companies want you to think it is. There are security, privacy and even data ownership issues that have to be faced and addressed before it can become a really viable way to do business. Companies will continue to try and push this concept through as this business model is a money maker, but in the end people need to be aware of the serious risks involved. Perhaps as more and more companies follow IBM’s path and begin to block these services we will see them change into more secure (nothing is completely secure), private and open platforms than they are now.

Discuss this in our Forum

Read 5068 times Last modified on Wednesday, 23 May 2012 16:12

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.