Careful As She Goes, Captain!

Paw Prints: Writings of the maddog
One of the big stories this month has been the attempts of crackers to break into email accounts being held by Google and other companies.
There have been a lot of accusations flying back and forth, with many people commenting on the security of web browsers and whether or not Google should pull out of China or continue to do the censoring required by the Chinese government. I am not going to discuss the political issues on both sides of the situation, I will leave that for other people.
One point that I have not seen discussed is the concept of whether or not the "Cloud" is safe for a person's or company's data given a company could lose or give up its franchise to operate at any time. From the point of view of the "end user", whether or not Google is right or the Chinese government is right, the "end users" data held in Google's systems and the end-user's business plans based on Google's services may be in jeopardy in China.
Now business (nor life) is never guaranteed. In every business and life we take risks, but one of the selling points of Free Software is the control that you might have over mediating those risks and having more control.
I live in an interesting country, the United States of America. The United States produces a lot of software which is used all over the world. U.S. businesses are aware that companies sometimes go bankrupt (we are probably more aware of that lately from recent events), and that companies merge and product lines disappear. We typically do not think about companies deciding that they are going to stop doing business with us because of the policies of our country. Nor do we typically consider what would happen if the country that provided us with the software we use would formulate an embargo against us. Our Admirals, Generals and other military people also trust that the United States companies making software to put in U.S. ships, tanks and planes would try their best to create software that does the job and has no Trojan horses or other spy-ware built in.
If you were an Admiral or General in a country called "Cuba" or "Iran" you might have a different outlook on things. You might want software that you can see the sources for the software, and actually build the software yourself and put it into your own ships, tanks and planes. In fact, if you were really astute, you probably would want the sources not only for the actual software you use, but also for the compilers and total software environment that built the embedded software...just in case.
Now we go back to our Chinese neighbors. Perhaps a Chinese business person, or a Chinese end-user entrusted their data to Google's Cloud. Now, for no real fault of the person who used those services, and for reasons outside of their personal control, their data and services are in jeopardy. This is a wake-up call for anyone who uses "Cloud Computing".
Am I saying not to use "Cloud Computing"? No, since "Cloud Computing" has lots of advantages, and for the most part the risk of data loss is still lower then if you tried to store the data yourself in most cases. But you need to think what would happen if your "Cloud" was disrupted, how you could recover your data and how you would keep your business going. Do you have control?
As an example, I do business with several companies that request I use Google Apps for collaboration. As I set up my Google Apps account, I make sure (with their blessing) that any emails sent to my accounts are forwarded on to a secure server so I can keep a record of that email. Therefore I have a record of every email sent to me (minus various pieces of obvious SPAM) for the past fifteen years. Since I typically copy myself on my emails, I also have a copy of every email I have sent in the past fifteen years.
Google has been active in formulating ways that people can back up critical files, and there are people (and even Google employees) working to make sure that you can extract and recover your data if you ever want to stop using their services. You should become aware of these techniques, and exercise them from time to time.
Of course this does not completely protect you, since people still become used to working with the services and finding replacements might be difficult and time-consuming, two things you should not be doing in a panic mode. You should plan for these contingencies before you need them, and test these contingencies from time to time, just as you would any "disaster recovery" plan.
As in most "disaster recovery" plans, you may not be able to operate at peak efficiency but you would still be able to operate.
Carpe Control.
comments powered by DisqusIssue 268/2023
Buy this issue as a PDF
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
The Next Major Release of Elementary OS Has Arrived
It's been over a year since the developers of elementary OS released version 6.1 (Jólnir) but they've finally made their latest release (Horus) available with a renewed focus on the user.
-
KDE Plasma 5.27 Beta Is Ready for Testing
The latest beta iteration of the KDE Plasma desktop is now available and includes some important additions and fixes.
-
Netrunner OS 23 Is Now Available
The latest version of this Linux distribution is now based on Debian Bullseye and is ready for installation and finally hits the KDE 5.20 branch of the desktop.
-
New Linux Distribution Built for Gamers
With a Gnome desktop that offers different layouts and a custom kernel, PikaOS is a great option for gamers of all types.
-
System76 Beefs Up Popular Pangolin Laptop
The darling of open-source-powered laptops and desktops will soon drop a new AMD Ryzen 7-powered version of their popular Pangolin laptop.
-
Nobara Project Is a Modified Version of Fedora with User-Friendly Fixes
If you're looking for a version of Fedora that includes third-party and proprietary packages, look no further than the Nobara Project.
-
Gnome 44 Now Has a Release Date
Gnome 44 will be officially released on March 22, 2023.
-
Nitrux 2.6 Available with Kernel 6.1 and a Major Change
The developers of Nitrux have officially released version 2.6 of their Linux distribution with plenty of new features to excite users.
-
Vanilla OS Initial Release Is Now Available
A stock GNOME experience with on-demand immutability finally sees its first production release.
-
Critical Linux Vulnerability Found to Impact SMB Servers
A Linux vulnerability with a CVSS score of 10 has been found to affect SMB servers and can lead to remote code execution.