Search Mailing List Archives
[liberationtech] Can a private cloud appliance protect businesses from prying eyes?
companys at stanford.edu
Wed Jul 3 12:16:49 PDT 2013
Can a private cloud appliance protect businesses from prying eyes?
By David Meyer | GigaOM.com, Updated: Wednesday, July 3, 7:12 AM
As the internet surveillance scandal continues to unfold, some smell
an opportunity. One such player is Protonet, which is set to launch
its private cloud appliance on Thursday. Hailing from Germany, the
home of data protection, the company is pitching the device as a way
for small-to-medium-sized enterprises to enjoy the benefits of the
cloud without using suppliers that might have to let the NSA poke
around if the agency demands it.
What’s more, Protonet has also just scooped up $1.2 million in funding
from local backers Tarek Mueller, Stefan Kolle and Stephan Rebbe, as
well as the Hamburg Innovation Fund, in order to push into the
European and U.S. markets. Prior to that, it picked up €200,000
($260,000) on Seedmatch.
The Protonet appliance is basically a good old Linux NAS box, housed
in an arguably attractive orange casing with a single button on it,
and with homegrown replacements for Dropbox (file-sharing),
Skype/Yammer (collaboration) and Basecamp (task management)
preinstalled. As Protonet “chief satisfaction engineer” Philipp
Baumgaertel told me, it’s a plug-and-play affair aimed very much at
small businesses that lack IT savvy, but that also don’t trust the
cloud very much:
Prices range between €2,749-€4,099 ($3,574-$5,330) before tax,
depending on the chosen configuration (it takes up to 16TB of RAID5
storage and can pack a quad-core 2.5GHz Xeon processor). It’s not the
cheapest small-business server out there, but it can pack a punch and,
as Baumgartel noted, the real value is in the zero-configuration
Protonet SOUL OS software package, which just happens to come with
hardware as an extra selling point.
So, will it protect small businesses from prying eyes? That’s a tricky
one to answer while we still don’t know precisely what the PRISM,
Tempora and Boundless Informant programs entail. What we can say for
sure is that it’s a safer option than going with a U.S. cloud provider
that will have to do what the U.S. security services tell it to do.
However, that’s not to say what Protonet is offering is entirely safe.
According to Edward Snowden, the British Tempora program involves
sucking data straight off the cables that form the backbone of the
internet. If that’s true, then the intelligence services don’t need to
be dealing with a pliable cloud provider to get what they want, and
for European users there’s not a huge difference between an appliance
such as this and simply using a European cloud provider.
>From Protonet’s side, the company uses SSL encryption for
communications – the system does need to service mobile devices after
all – and claims it’s as safe as online banking. Baumgartel conceded
that, since we don’t know the full capabilities of the NSA, GCHQ and
their partners, it’s hard to promise anything more than that. (Of
course, the metadata associated with mobility can introduce unwanted
transparency all on its own.)
In other words, the private cloud appliance may be a good option for
businesses that fear the worst but haven’t entirely given up hope that
privacy may still be an option.
More information about the liberationtech