11.11.2013

Cloud security and surveillance - what are the non-US alternatives?

GigaOM is quoting a new survey by PriceWaterhouseCoopers (PWC) released last week, saying that some "22 percent of German companies now see the risk of using cloud services as “very high,” ... 54 percent say risk is high or very high. ... while 15 percent want to switch to European tech providers that won’t cooperate with American or British intelligence services."

I haven't found the PWC survey in question, but it mirrors findings in the "How Much will PRISM cost the U.S. Cloud Computing Industry?" report from the Information Technology & Innovation Foundation earlier this summer, which found that "10 per cent of respondents outside the US had cancelled a cloud project with an American firm because of PRISM, while 56 per cent said they're less likely to use a provider based in the US."

OK, let's say you are tasked with finding a secure cloud provider outside the usual US ones, one that doesn't have US offices, subsidiaries or business units that would be covered by FISA/NSA or US National Security Letters, which will impact non-US operations or locations as well. You need to come up with a cloud infrastructure provider that covers processing, storage and networking at competitive prices and that has more or less feature parity with the leading players, i.e. Amazon AWS.

What are the options?

One could start by looking at German and Swiss providers, which have some track record legally, nationally and culturally for safekeeping and data privacy. UK and Swedish ones would be out because of the impact of GCHQ and FRA, France because of its equivalent, and the same goes for Norwegian providers, as 99% of Norwegian Internet connectivity goes through Sweden. One place that's often overlooked is Finland, but it has some players as well.

With that in mind, here are some cloud infrastructure players that have the basics covered for IaaS, an extended feature set for IaaS and self-serve IaaS at competitive prices. It's not an extensive list, and I haven't checked all the way whether they have US units that would be impacted by FISA or US National Security Letters. Also, remember that it's very hard most of the time to say that a cloud provider is Swiss or Finnish or is located in a particular country: many DCs and servers for IaaS might be located in one country while management and ops are done remotely, and the Internet infrastructure for the service (DNS, SSL certificates, L3-7 global load balancing, service logging etc.) is run from a remote location that might have data or data control for a remote DC running through it.

Some German cloud infrastructure providers worth a look:

  1. Profitbricks: I thought of them from the start, but now see they have a US unit, and they would be covered by FISA or National Security Letters just as any US company. They still give a good indication of the service and feature levels available from leading European cloud providers.
  2. Internet4YOU: Servers, storage and DCs in Germany, covers most IaaS areas.
  3. dynaCloud: OnApp-based cloud provider. Also CDN services.
  4. The unbelievable Machine Company: Name alone makes them worth a check.

Some Swiss cloud providers:

  1. Exoscale: Cloud infra offering. See also "In Switzerland your data is safe" section.
  2. Safe Swiss Cloud: Focus on security and privacy
  3. Swisscom dynamic computing: Covers IaaS basic, has online configurator and more.
  4. Incloudibly
  5. Cloudcom: Cloud servers with DDoS protection and more

Alternatives in Finland:

  1. Tieto cloud services: Also has a Swedish, FRA-impacted counterpart
  2. Nebula
  3. Hostingservice.fi: Another OnApp-based contender

OK, this is by no means a comprehensive list, and a closer review might find that some of these providers do indeed have US affiliates or hosting of some sort, from their own router at a US IX to some backup facility of some sort. But the main thing is that there are lots of alternative cloud providers in the IaaS space, and that one isn't necessarily forced to go with NSA-compatible ones to get business or developer requirements fulfilled.


Erik Jensen, 11.11.2013
