Risk

3/19/2009
01:42 PM
50%
50%

Feds To Shut Down Google Apps?

FTC is weighing request from privacy group that claims data stored in the cloud isn't secure.

The Federal Trade Commission is looking into the risks of cloud computing.

The FTC held a two-day meeting this week to discuss data security in the global economy. Regulators are trying to determine whether they should intervene with cloud computing to address security and privacy (PDF) concerns.

Critics, including the Electronic Privacy Information Center, argue that consumers are at greater risk of privacy breaches with cloud computing because data management practices are inconsistent.

EPIC asked the FTC for a legal injunction to stop cloud computing until the government approves it. In the unlikely event that the request is fulfilled, millions of individual and business users could be prevented from accessing data stored in the cloud.

EPIC made the request after a Google Docs breach that exposed some word processing documents. The letter specifically targets Google and urges the FTC to look into whether the company is using unfair and deceptive practices by providing products and services that aren't safe. EPIC's request applies to Google Apps, Google Calendar, Google Docs, and Gmail.

"Cloud Computing Services are rapidly becoming an integral part of the United States economy, with implications for business development, security, and privacy," EPIC explained in the letter (PDF).

It cited a September report from ComScore Media Metrix, which estimated that 26 million consumers used Google's Gmail Cloud Computing Services. The group also cited a March IDC study that predicts corporate IT spending on cloud services will reach $42 billion by 2012.

Proponents of cloud computing -- including Google -- argue that cloud computing is at least as secure as traditional computing because providers can often better protect data than their customers can.


InformationWeek Analytics has published an independent analysis of the challenges around setting business priorities for next-gen Web applications. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.
CVE-2018-11472
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
CVE-2018-11473
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
CVE-2018-11474
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.
CVE-2018-11475
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.