Cyber Security and Web Hosting: How Safe is Your Data?

Cyber security is a rising concern - a fact made evident by the announcement of Google’s latest service, a feature in its Cloud Platform services to lock up your computer engine data with encryption keys, this past Tuesday, July 28th. Indeed, Google is not alone in this venture, as Amazon offers a similar encryption service for its CloudHSM host, and Microsoft offers Key Vault. The growing implementation of security features points to the growing concern for this need for security.

Interestingly enough, most of the concerns that caused these encryption developments have less to do with hackers and cybercriminals, and more to do with total privacy of data and information. This stems from protecting sensitive information and extends to protecting business operations against abusive and often futile lawsuits. The majority of websites can be protected against cybercriminal activity with the implementation of secure coding principles, updating secure server software, and encrypting sensitive information. There is another risk that looms larger than getting hacked these days however, and it is actually within the legal realm, not the illegal one.

Country Specific Legal Concerns

Google’s new encryption key offer is actually meant to offer businesses a peace of mind that Google itself is not looking into their personal data and vital information. Why, you may ask, would a business need to ensure privacy even from its hosting provider?

One such imposition that companies are trying to sidestep is jurisdictional laws that hinder free speech and business operations. Within the U.S., for example, which operates under the Digital Millennium Copyright Act (DMCA), individuals and organizations can request that web content be removed for any reason that may "violate” their copyright. These legal requests are DMCA takedown notices. The problem is that strict laws like these tend to hinder as much as they are meant to help, and in 2009 Google announced that "57% of the takedown notices it received were from businesses targeting competitors. Worse still, 37% of the notices were not even valid claims.”

In order to deviate around these menacing legal obstacles, companies and publications are turning to hosting their data on offshore servers. If a server is located outside of the country that the website is based in, the jurisdictional laws of that country do not apply to the content of this website and therefore cannot be banned or taken down by governing officials. With an offshore webhosting service such as Host1Plus, under an anonymous account, a website owner has peace of mind that his or her identity and information will not be exposed or threatened. He or she also receives an unimpeded channel through which to engage in uncensored free speech and ensure that business operations are unhindered.

It is important to note, however, that ‘.com,’ ‘.net,’ ‘.org,’ ‘.co,’ or ‘.us’ domains are subject to US laws regardless of where your server is based, so it is also important to choose a web domain as well as host provider that is free of jurisdictional abuses.

Some Offshore Hosting Concerns

Of course, like anything, you need to be careful with choosing an offshore host as well. Since privacy laws are different in each country, you need to ultimately choose a company that includes privacy obligations in the contract agreement. You should also thoroughly look into your hosting provider to gauge their security technology as well as their policies and procedures, right down to employee awareness, training, and the company’s screening process before hiring. And finally, you should take the extra measures to encrypt your data, ensuring that even the service provider cannot see it, coming full-circle back to Google’s encryption service.

In Summary

It is important to consider hosting options very closely, regardless of whether they are onshore or offshore. While the topic may not be the most glamorous, your data is the heart and soul of your business and needs to be protected at all costs, from hackers and from lawyer-slinging competition.

Feeling social? Follow us on Twitter and LinkedIn Now!

Join the CSO newsletter!

Error: Please check your email address.

Tags CloudHSMweb hostingdata’ ‘.us’’ ‘.co‘.comcybercriminals’ ‘.netCSO Australiacyber securityDMCA takedown’ ‘.orgMicrosoftencryptionKey Vault

More about CSOGoogleMicrosoftTwitter

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Alice Winslow

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place