No matter how much law firms invest in data loss prevention and information protection, the government wants to be able to access private, personal and corporate data whenever it wants. The Washington Post reported that for months now, federal law enforcement agencies and other government organizations have been arguing over whether tech companies should give the government access to a secret backdoor on computers, mobile devices and other systems. This would allow federal agencies and law enforcement to bypass encryption protocols, which gives those organizations insight into emails, phone calls, text messages and other communications.
Creating the entry point
Essentially, government agencies believe that technologies like encryption put the country at risk of terrorists attacks and hinder investigations that deal with national security. However, this doesn't mean that the U.S. government or the Obama administration wants to get rid of cybersecurity tools. Instead, President Obama and other federal agencies called for a "split-key approach" in which the government and a business would share a decryption key for sensitive data and personal information, according to the source. Another option proposed by White House officials would give a third-party organization that backdoor key.
"When everyone is a target for cybercriminals, whose network is secure?"
These different approaches only serve to highlight some major questions: Who should businesses and people trust with their data? Companies are always at risk of data breach, and government agencies are no stranger to network intrusions, having recently lost 18 million personal records to Chinese hackers. When everyone is a target for cybercriminals, whose network is secure? Most organizations would just trust themselves.
The good news is that The Washington Post reported that no legislation has actually been proposed by lawmakers yet, and therefore, tech vendors and industry leaders do not need to give the government access to any information without a warrant. The bad news is that this probably isn't stopping federal agencies from performing surveillance on people and corporations.
Already behind the scenes
Just at the beginning of July, the Milan, Italy-based hacktivist group Hacking Team was hacked itself. The unidentified cybercriminals posted a 400 gigabyte file on Pastebin, according to Wired, and it included executive emails, source code, customer invoices and a long list of contracts. U.S. agencies such as the DEA, FBI and Department of Defense were all listed in the document, the source indicated. Regardless of national laws and regulations, it seems likely that the government already has a tool that allows them to access secured data. They just need permission to use it.
The consequences of a backdoor
If federal agencies propose a law and it passes, the implications of the government having a backdoor are largely negative. In fact, on July 7, a group of 13 of "the world's pre-eminent cryptographers, computer scientists and security specialists" wrote a report that explained there is no way to give any government access to encrypted communications without risking the security of sensitive, confidential data and mission-critical infrastructure, The New York Times reported.
The report stated that reducing the power of encryption is just impossible, and handing the government a key to secure data means that anyone can find and access that information given enough attempts and time. Essentially, what would be meant to help national security would actually help cybercriminals and hacktivist s gain entry into corporate networks, email accounts and storage systems.
The bottom line is that there is no way to safely give the government a backdoor into encrypted communications, but that doesn't mean agencies won't try. This is why solutions such as CloudMask are so valuable, as they lock conversations and shared files with a user-specific key that only the owner can use to decrypt sensitive information.
With CloudMask, only your authorized parties can decrypt and see your data. Not hackers with your valid password, Not Cloud Providers, Not Government Agencies, and Not even CloudMask can see your protected data. Twenty-six government cybersecurity agencies around the world back these claims.
Watch our video and demo at www.vimeo.com/cloudmaskShare this article: