I'm not sure I understand your point. If they turn up at any of our premises, then we, as a company will know and have the opportunity to examine and challenge it (even if the horse has bolted). If it's with a third party, they can (and it happens a lot) be gagged and you won't know that your data has potentially been compromised by LE (let's face it - they're not perfect in terms of technical controls or people controls; no one is!).
To some, that's not a relevant business risk; to others it's a significant one. a -----Original Message----- From: Ken Schaefer [mailto:[email protected]] Sent: 27 June 2011 17:07 To: NT System Admin Issues Subject: RE: Be Very Wary of "The Cloud"... If you are enterprise, then as an IT admin, you have no warning. They could have turned up at another site for all you know. Maybe your legal is involved, but they probably decide that they can't involve you. -----Original Message----- From: Alan Davies [mailto:[email protected]] Sent: Monday, 27 June 2011 5:08 PM To: NT System Admin Issues Subject: RE: Be Very Wary of "The Cloud"... Michael's comments are spot on - if LE turn up at your premises, they serve the papers to you and your lawyers have *some* opportunity to react, plus you have *some* level of control/steering as to what goes on. If LE turn up at any other premises that you do not own or staff (don't care what you want to call them re cloud/co-lo!), then they can be gagged and prevented from even telling you that your data has been seized. Regardless, you're out of the loop as the other company is bound to obey the laws of the land and will only do what they're allowed to do in terms of alerting you. This is a very important consideration for cloud if you do not entirely own the encryption keys (most hold escrow keys ... always push to remove that capability if you want full control!). Knowing what country your data could be in and the laws of that/those countries becomes the responsibility of your own lawyers - this should NOT be an IT decision! a -----Original Message----- From: Michael B. Smith [mailto:[email protected]] Sent: 23 June 2011 15:34 To: NT System Admin Issues Subject: RE: Be Very Wary of "The Cloud"... Call it a "private cloud" if you wish. But if you connect to it over the Internet - I consider it "a cloud thing". The DIFFERENCE is in your last sentence. If your property is seized from your physical location, then "you" (the corporate "you") are the one being investigated. If your property (whether by rental, lease, or ownership) is seized at a data-center, "you" are not necessarily the one being investigated. I believe the term is "collateral damage". Regards, Michael B. Smith Consultant and Exchange MVP ************************************************************************************ WARNING: The information in this email and any attachments is confidential and may be legally privileged. If you are not the named addressee, you must not use, copy or disclose this email (including any attachments) or the information in it save to the named addressee nor take any action in reliance on it. If you receive this email or any attachments in error, please notify the sender immediately and then delete the same and any copies. "CLS Services Ltd × Registered in England No 4132704 × Registered Office: Exchange Tower × One Harbour Exchange Square × London E14 9GE" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
