
I have already written about two secure protocols that are impacting our network security.

The first was HTTP/2, the second one was TLS 1.3. Both posts can be found here:

HTTP/2
TLS 1.3

Today I want to talk about another very important protocol, it is called QUIC.

QUIC stands for Quick UDP Internet Connections. It is an experimental protocol designed and deployed by Google. Looking at the existing protocol stack, we have already optimized the application layer through HTTP/2 and the encryption layer through TLS 1.3. The only remaining source of delay is therefore TCP.

Figure 1: Structure of QUIC

QUIC is built on UDP instead of TCP and uses port UDP/443. It also incorporates several features from HTTP/2.

HTTP/2 features such as connection multiplexing, stream prioritization and connection sharing across domains are carried over into QUIC.

Some other important features of QUIC:

  • 1-RTT connection handshake
  • 0-RTT re-established connections
  • Connections survive IP address change
  • Always encrypted and authenticated
  • Loss Recovery
    • Includes RTT Information in the packet
  • Retransmits on frames, not on per packet basis
  • FEC (Forward Error Correction) data recovery

The QUIC protocol tries to significantly reduce the number of round trips required to establish a connection. QUIC not only uses a 1-RTT handshake but can also use 0-RTT session resumption. Connections are able to survive IP address changes, something that makes everyone in the mobile service provider space very happy. Think of roaming users.
QUIC is always encrypted and authenticated. There is no cleartext version of QUIC.
Tests with QUIC have resulted in a 30% improvement with regards to retransmission on sites like youtube.com.

The last point in this list is FEC. It is similar to a RAID system for the network: imagine transmitting some redundant information in addition to the payload so that the receiver can recreate packets that have been lost on the wire. It sounds useful, but it was not worth the overhead when tested in real-life environments.

So where is QUIC used? As it is an experimental protocol by Google, it is today used by a lot of Google websites such as gmail.com, youtube.com, etc. The Chrome browser also has QUIC built in and enabled.
You can check this yourself if you are using the Chrome browser:

Open Chrome and type “chrome://net-internals/#quic” in the address bar. Then open a second tab and browse to youtube.com, gmail.com and other Google sites. If you are not behind a firewall that blocks UDP/443, some QUIC sessions might turn up.

Chrome tries QUIC with a lot of sites and remembers whether it was successful or not.
When connecting to a website, the server can send an “alt-svc” (alternate service) header to the client, telling it to switch to QUIC.

You can see this mapping on “chrome://net-internals/#alt-svc”.

Figure 2: Mapping of QUIC Service to websites
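The Alt-Svc mapping shown above is driven by a header whose syntax is defined in RFC 7838. As an added example (not part of the original post and not Chrome's code), here is a small Python parser for that header value, so you can tell from a captured HTTP response whether a server advertises QUIC, on which UDP port, and for how long the client may remember the offer. The header strings below are constructed samples modelled on the `quic=":443"; ma=...; v="..."` form Google sites sent at the time.

```python
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class AltService:
    """One alternative service advertised in an Alt-Svc header (RFC 7838)."""
    protocol: str                 # protocol id, e.g. "quic" or "h2"
    host: str                     # "" means "same host as the request"
    port: int
    max_age: int = 86400          # RFC 7838 default when no "ma" parameter is present
    params: Dict[str, str] = field(default_factory=dict)


def _split_outside_quotes(text: str, sep: str) -> List[str]:
    """Split on sep, but not inside double quotes (v="41,39,38" carries commas)."""
    parts, buf, in_quotes = [], [], False
    for ch in text:
        if ch == '"':
            in_quotes = not in_quotes
        if ch == sep and not in_quotes:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    return [p.strip() for p in parts if p.strip()]


def parse_alt_svc(header_value: str) -> List[AltService]:
    """Parse an Alt-Svc header value into AltService entries; "clear" yields []."""
    if header_value.strip().lower() == "clear":
        return []
    services: List[AltService] = []
    for alt_value in _split_outside_quotes(header_value, ","):
        fields = _split_outside_quotes(alt_value, ";")
        protocol, _, authority = fields[0].partition("=")
        authority = authority.strip().strip('"')
        host, _, port = authority.rpartition(":")      # ":443" -> host "", port "443"
        if not port.isdigit():
            continue                                    # malformed entry: skip rather than guess
        svc = AltService(protocol=protocol.strip().lower(), host=host, port=int(port))
        for param in fields[1:]:
            key, _, value = param.partition("=")
            key, value = key.strip().lower(), value.strip().strip('"')
            svc.params[key] = value
            if key == "ma" and value.isdigit():
                svc.max_age = int(value)
        services.append(svc)
    return services


def quic_offers(header_value: str) -> List[AltService]:
    """Entries that would let a QUIC-capable client such as Chrome switch a site to UDP."""
    return [s for s in parse_alt_svc(header_value) if s.protocol == "quic"]


# Constructed sample, modelled on the form Google sites used at the time.
SAMPLE_HEADER = 'quic=":443"; ma=2592000; v="41,39,38,35"'

if __name__ == "__main__":
    for svc in quic_offers(SAMPLE_HEADER):
        print(f"QUIC offered on UDP/{svc.port} for {svc.max_age}s, "
              f"versions {svc.params.get('v')}")
```

The `ma` value is the number of seconds the client may keep using the alternative, which is why Chrome keeps trying UDP/443 for a site long after the first response; the `v` parameter is Google's own list of gQUIC versions and is not part of RFC 7838.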

QUIC currently uses a proprietary encryption and authentication protocol. But the IETF has picked up QUIC and is working on a standardized version.

https://datatracker.ietf.org/wg/quic/documents/

One of the important changes is that the QUIC crypto protocol is planned to be replaced with TLS 1.3:

Figure 3: IETF QUIC working group , QUIC & TLS 1.3

Impact on your Security Gateway:

Your gateway currently might not understand QUIC. In addition, QUIC currently cannot really be decrypted in the network. So if your firewall allows UDP/443, there is not much it can inspect in QUIC sessions. It might not even recognize that it is dealing with QUIC as a protocol and just wonder where all those UDP packets come from.
If your gateway blocks UDP/443, Chrome will silently fall back to TCP, so there won’t be a user impact.
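To make the visibility problem concrete, here is an added example (not from the original post and not any vendor's gateway code) of the minimal classification a gateway can do on UDP/443 traffic: the Google QUIC public header of that era started with one flags byte, an optional 8-byte connection ID (flag 0x08) and, on a client's first packets, a 4-byte ASCII version tag such as "Q043" (flag 0x01). The constants follow Google's pre-IETF wire format as published at the time; the flow records and packet bytes are constructed. Everything after that header is encrypted, which is exactly why the gateway cannot inspect further.

```python
import re
from typing import Dict, List, Optional

# Public-flags bits of the pre-IETF Google QUIC header (constants taken from
# Google's gQUIC wire format description of the time).
FLAG_VERSION = 0x01          # a 4-byte version tag follows the connection ID
FLAG_CONNECTION_ID = 0x08    # an 8-byte connection ID follows the flags byte
_GQUIC_VERSION = re.compile(rb"^Q0\d\d$")   # e.g. b"Q043"


def parse_gquic_public_header(payload: bytes) -> Optional[Dict[str, object]]:
    """Decode the cleartext public header if the payload plausibly starts a gQUIC
    packet carrying a version tag; return None otherwise."""
    if not payload:
        return None
    flags, pos = payload[0], 1
    connection_id = None
    if flags & FLAG_CONNECTION_ID:
        if len(payload) < pos + 8:
            return None
        connection_id = payload[pos:pos + 8].hex()
        pos += 8
    if not flags & FLAG_VERSION:
        return None              # no version tag: nothing in the clear to match on
    if len(payload) < pos + 4:
        return None
    raw_version = payload[pos:pos + 4]
    if not _GQUIC_VERSION.match(raw_version):
        return None              # version flag set but no "Q0xx" tag: not gQUIC
    return {"flags": flags,
            "connection_id": connection_id,
            "version": raw_version.decode("ascii")}


def _constructed_client_hello(version: bytes = b"Q043") -> bytes:
    """Constructed first-packet bytes: flags, 8-byte CID, version, packet number, filler."""
    return (bytes([FLAG_VERSION | FLAG_CONNECTION_ID])
            + bytes.fromhex("0011223344556677")
            + version + b"\x01" + b"\x00" * 16)


# Constructed flow records as a gateway log might hold them (first payload bytes only).
SAMPLE_FLOWS = [
    {"src": "10.1.1.5", "dst": "203.0.113.10", "proto": "udp", "dport": 443,
     "payload": _constructed_client_hello()},
    {"src": "10.1.1.6", "dst": "203.0.113.11", "proto": "udp", "dport": 443,
     "payload": bytes.fromhex("16030100")},                    # no version flag
    {"src": "10.1.1.7", "dst": "203.0.113.12", "proto": "udp", "dport": 443,
     "payload": b"\x09" + b"\x00" * 8 + b"ZZZZ"},              # flag set, bogus tag
    {"src": "10.1.1.8", "dst": "203.0.113.13", "proto": "tcp", "dport": 443,
     "payload": b"\x16\x03\x01"},                              # ordinary TLS, ignored
]


def triage_udp443(flows) -> Dict[str, List[str]]:
    """Split UDP/443 flows into those carrying a gQUIC version tag and those the
    gateway cannot classify from the header at all."""
    result: Dict[str, List[str]] = {"probable_gquic": [], "unclassified_udp443": []}
    for flow in flows:
        if flow["proto"] != "udp" or flow["dport"] != 443:
            continue
        key = f"{flow['src']}->{flow['dst']}"
        header = parse_gquic_public_header(flow["payload"])
        if header:
            result["probable_gquic"].append(f"{key} {header['version']}")
        else:
            result["unclassified_udp443"].append(key)
    return result


if __name__ == "__main__":
    for bucket, flows in triage_udp443(SAMPLE_FLOWS).items():
        print(bucket, flows)
```

Note what this does and does not give you: it can tell that a flow opened as gQUIC and which version the client asked for, but nothing about what is inside, since the handshake and all later packets are encrypted. Packets without a version tag (everything after the first few from a client) look like opaque UDP, which is the "where do all those UDP packets come from" situation described above.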

Just blocking UDP/443 is certainly not a final solution. Gateways are, and will increasingly be, confronted with new and encrypted protocols. If we do not deploy an architecture that is capable of understanding those protocols and dealing with the overwhelming amount of encryption in the network, the security gateway on its own will become more and more blind.

If you want to learn more, I will be talking at CiscoLive! Barcelona in 2018, Breakout BRKSEC-3015.


Further links on QUIC:

https://datatracker.ietf.org/meeting/98/materials/slides-98-edu-sessf-quic-tutorial/

A “quick” guide to QUIC


Authors

Tobias Mayer

Technical Solution Architect

EMEA Security Architecture Team


Hello all,

This is the last blog post of 2017. It truly has been a great year for our team. We launched the RV340, RV340W, RV345 and RV345P VPN Security Routers. These RV Series models provide business firewall protection and high-performance network access and protect businesses from unwanted content and malicious websites. Jo and I wish all of you a wonderful Holiday Season. Here is to the New Year!

The Wireless Team was also busy this year. Brian and Nasser launched the new WAP125, WAP150, WAP361, WAP571, WAP571E and finally the high-performance, MGig WAP581. These new models round out an already capable portfolio in the 100, 300 and 500 Series. Brian and Nasser wish you a very Merry Christmas and Happy New Year!

Michael and Aaron launched new models in the 250, 350X and 550X lines this year. The new, next generation 250 Series Smart Switches provide even more features and powerful performance at a price-point that cannot be overlooked. The new 350X Series Stackable Managed models also have more features and functionality while providing a level of performance and security found in models that cost double to triple the price. There are new MGig models to take a look at. These models are a perfect match with the new WAP581.

The new 550X Series Stackable Managed Switches including the new 10G models provide our finest Switches in our portfolio and present a viable option to any deployment scenario and business network requirement. Our Switching Team wishes you all the best this Holiday Season.

Dave and Brian have been hard at work all year with new FindIT Releases. Our Monitoring and Management Platform will continue to get more features and functionality next year. If you use Kaseya internally to manage your IT, or if you use the Remote Monitoring and Management Platform to manage your customers’ IT environments, then we have good news for you. Our Kaseya/FindIT integration is now available. Our Cisco Small Business networking products can now be monitored and managed just like other managed machines within Kaseya. Yes, you can do audits and inventories, set up alerts and select actions based on these alerts, create tickets/cases and of course report on everything. Brian and Dave would like to wish you all a Merry Christmas and Happy Holidays.

Finally, I am proud to introduce our Pre-Sales/Sales Engineers/Network Architects/Problem Solvers: Max, Michael and Martin. This year was especially fruitful and successful for them as they took on various tasks and projects, each one met successfully. I personally look forward to seeing this team grow in every way.

From Marty, Brad, Jo, Brian, Nasser, Mike, Aaron, Brian, Dave, Gene, Frank, Max, Michael, Martin and the rest of the team in Costa Mesa, Shanghai, and the rest of the world, Happy Holidays, Merry Christmas and Happy New Year.


Links:


Email us at ask-eng-small-business@cisco.com

Authors

Marc Nagao

Product Manager

Small Business RV Series Routers


2017 was a pivotal year for enterprise networking. In 2016, the internet crossed a milestone threshold when it reached an annual run rate of one Zettabytes, with the majority on mobile devices. As the Zettabyte era dawned, networking needed to be brought up to speed. And this year, I am proud to say our enterprise engineering team launched a new era of networking, with a network that understands and automates your business intentions, from edge to cloud. Let’s take a look back on the milestones of the year that brought networking into the future.

Besides our landmark Network. Intuitive. launch in June, the engineering team was at its innovative best in building the Catalyst 9400 programmable switch, fast enough that we needed the same designers as Ferrari. And it continues to receive amazing press! That same month, we launched SD-Access to help customers prepare for and adapt to IoT and the growth in mobile traffic. I’m also proud of the pioneering work we’ve done in meshing security together with networking, accelerating our vision with Viptela, and extending our cloud-first solutions like Connected Mobile Experiences (CMX).

Enterprise Networking Year in Review

I’m proud of what our Enterprise Networking engineering team accomplished in 2017. We are on a strong trajectory, and this is a great time to be in the networking industry. At Cisco, we truly have a chance to disrupt the industry, as well as ourselves. I look forward to seeing where the future takes us.

Authors

Anand Oswal

No Longer with Cisco


In 2017, our collaboration team focused on the user experience more than ever. It’s about more than how people interact with our technology on a day-to-day basis: It’s also about the lifetime experience of buying and using our products.

The most meaningful awards are just as much about the audience, fans, or users as they are about actors, athletes, or engineers. Receiving accolades from the people who actually use our products and solutions is especially rewarding. That’s why we’re pleased that we recently received three “Reader’s Choice” awards in a competition sponsored by Let’s Do Video. Readers chose:

  • Cisco Spark for Best Persistent Team Messaging Solution
  • Cisco Spark Room Series for Best Auto Tracking/Framing Video Camera
  • Cisco Spark Room Series for Best New Business Communication Product or Service

It doesn’t always take direct votes to represent the voice of the customer. Earlier this year Zeus Kerravala wrote about “Cisco’s Dead-Simple Design Approach” in No Jitter. He points out that Cisco winning multiple Red Dot design awards for our video conferencing products “validates their approach to providing a delightfully simple user experience… In this highly consumerized world, workers expect — sometimes even demand — tools that are easy to use. Tools that are, get used a lot, tools that don’t, sit there and collect dust.”

We received Red Dot design awards in 2017 for the following products:

The Cisco Spark Board also took home the “Best of Enterprise Connect” award.

To design the “Best of” Cisco Spark Board, the designers looked at how people have changed the way they work while meeting rooms have not changed at all.

https://www.youtube.com/watch?v=-YdMXDI_o_Y

Our partners are also a big part of our success and they’re essential to our customer relationships. We’re proud that CRN, an important resource in our partner community, recognized two of our products in its 2017 Tech Innovator Awards.

As we head into 2018 we’ll maintain our focus on customer relationships. It’s your vote that counts!


Authors

Snorre Kjesbu

Senior Vice President/General Manager of Webex Devices

Meeting Room Systems


Digital transformation is impacting nearly every industry and aspect of our lives. At this time of year, when our thoughts and actions turn toward giving, I want to show how digital giving is improving people’s lives around the world.

Digital Giving Data Points

According to the 2016 Global NGO Online Technology Report, published jointly by the Public Interest Registry and Tech for Good, online donations continue to lead the philanthropy industry.

  • 77 percent of Millennials, 66 percent of GenXers, and 54 percent of Baby Boomers prefer to donate to charities online.
  • Millennials are most inspired to give by social media, while Gen Xers and Baby Boomers are more influenced by email.
  • 95% of NGOs worldwide have a Facebook page; 83% have a Twitter profile; and 40% are active on Instagram.

Source: Global NGO Online Technology Report, Public Interest Registry and Tech for Good, 2016.

Cisco: A Culture of Giving

Cisco has always had a culture of giving as can be seen by perusing the company’s Corporate Social Responsibility site. This year alone, through the company’s generous Time2Give program, we volunteered more than 370,000 hours of time and donated over $13 million to causes around the world. For the eleventh year in a row, Cisco won the annual Second Harvest Food Bank’s 48-hour Virtual Race with $244,000 in employee giving. These funds will provide more than 470,000 meals to families in need. Since 2006, Cisco’s total giving to Second Harvest equals $12 million ($7.4 million from employee donations and $4.6 million in matched funds). Since 1994, Cisco has given $19.7 million which equates to about 39 million meals.

And, I’m proud to say that the Cisco Digitization Office was the top organization again this year in donating to Cisco’s annual Be the Bridge campaign. Be the Bridge is Cisco’s signature employee giving campaign that builds on the company’s decades-long commitment to supporting communities around the world. Employees can give to more than 1900 organizations worldwide. Every dollar makes a difference as employees are encouraged to access the Cisco Foundation match to multiply the impact of their gifts.

When it comes to digital giving, the Cisco Networking Academy has changed lives, businesses, and economies with IT education for 20 years across 180 countries. More than IT skills training, Cisco Networking Academy is a community whose members are the students, educators, and business leaders shaping the future. The academy has served almost 8 million students. And 70% of people who complete advanced courses obtain new or better jobs, take on increased responsibilities, and earn higher pay. If Cisco Networking Academy has changed your life, you can share your story with the hashtag #NetAcad20. 

More Digital Giving Examples

While there are many worthy examples, I have selected a few organizations that embrace technology to improve how they communicate, gather donations, and distribute or use funds to help people in need.

Twitter for Social Causes

  • #GivingTuesday: Started by 92Y, a New York-based cultural and community center, and the United Nations Foundation, this initiative asked charities to use the hashtag #GivingTuesday in their call-outs for donations on the first Tuesday in December. The hashtag has amassed 3,100,000 uses since it was started in 2012.
  • #LoveWins: After the Supreme Court’s historic ruling on same-sex marriage, Twitter included a rainbow heart emoji with each of the 12,800,000 mentions of the hashtag #LoveWins. The monumental decision led other social networks to create ways to let users colorfully show their support including Snapchat’s custom rainbow location-based filters and Facebook’s rainbow profile-picture filter.
  • #FuerzaMexico: During her keynote at Cisco Live Cancun, Ruba Borno, Cisco’s Vice President of Growth Initiatives and Chief of Staff to the CEO, unveiled a campaign to raise money for Habitat for Humanity Mexico. For every retweet, Cisco is donating five dollars to the organization.

(More information about these Twitter examples and others can be found in an excellent Washington Post article.)

Mobile Apps Enable a Future of Giving

Charity Miles is a mobile app that uses GPS technology to track how far users run and bike. To motivate users, the company makes a donation of 25 cents per mile for walkers and 10 cents per mile for bikers to a charity of the member’s choice. The actual donations are made by more than a dozen companies including Humana, Johnson & Johnson, Timex Sports, and Kenneth Cole.

Share the Meal is an easy-to-use mobile app from the United Nations World Food Programme that enables users to give by simply tapping on their phone. Donors can make a micropayment of 50 cents to feed a child for a day. The total number of shared meals to date has reached nearly 18.5 million.

More than 18 million meals have been shared using the Share The Meal mobile app.

Kiva Microfunds is a non-profit organization that allows people to lend money via the Internet to low-income entrepreneurs and students in more than 80 countries. Kiva’s mission is to connect people through lending to alleviate poverty.

Pencils of Promise is a global organization dedicated to reshaping the landscape of education and innovation. The organization uses virtual reality (VR) technology to bring supporters, donors, and partners “directly” into classrooms in Ghana. In just eight years, Pencils of Promise has built more than 420 schools and has 74,000 students learning in its classrooms every day.

Give Today

Whether you work in the technology industry or just use today’s digital innovations, digitization has improved all of our lives. So, at this time of year when our hearts and minds turn toward helping others, please take action and give to a cause that you care about or to one of the organizations in this blog.

Share Your Stories

How has your giving changed in a digital world? Please comment with your stories so others can learn from your experiences and examples.


Authors

Kevin Bandy

No Longer with Cisco


If an average employee at your company got an email from an executive with an urgent request, would they question whether the email was coming from the actual sender? They probably wouldn’t. The reality is that most people would act on the request because of its time-sensitive nature. They assume that the IT team has the right technology in place to validate email senders so they can focus on doing their work. But this is why attackers succeed. Their target thinks the email is coming from someone they trust and consequently, their organization gets breached. This type of attack is called Business Email Compromise (BEC), email spoofing or spoof abuse. The FBI estimates it has cost companies $5.3B globally – far more than the $1B in 2016 for ransomware.

How does BEC work?

For those of you not familiar with the leading security breaches, you might be wondering how it actually works. In a nutshell, attackers impersonate someone you trust so they can trick you into releasing confidential information (like W2s or social security numbers here in the U.S.) or sending money via wire transfers. Like any good student, attackers do their homework, performing extensive social media research on their target and building relevance and a message history to get their victim to take the bait at the right time. Attackers also play on an employee’s fear of consequences to drive a sense of urgency that leads their target to act quickly rather than taking other steps to verify the request. BEC attacks have been largely focused on impersonating high-value users such as the CEO or CFO. However, we know that attackers are broadening their horizons.

To give you one simple example of what attackers do, take a look at this image below. Can you spot the difference?

Can you spot the difference?

The left-hand side shows the “Friendly From”, the display name. If you look at the underlying text for the address, the “Mail From”, you get what is on the right-hand side, which shows the actual address. Cisco is obviously misspelled: cisc0, with a zero rather than an o. The username is also incorrect, but what is worth pointing out is that the attacker is using a slight variation of the actual domain. This is only one of the ways attackers deceive users; there are others. From a technical point of view, BEC attacks will attempt to manipulate one or more parts of the SMTP message.

How to Protect

So now that you have an idea about what BEC is and how it works, you’re probably wondering what you can do to protect against it. There are two immediate ways: 1) educating your users and 2) making sure you have the right email security protection.

User Education and Training

First, you should raise awareness within your organization and train employees to be more aware about this type of attack. For example, at Cisco we recently received an email cautioning us about potential phishing scams given the increased number of emails related to online holiday shopping. In addition, IT sends out their own faux malicious emails. If a user falls for it and clicks the link, they’re taken to a page that talks about the dangers of phishing.

You can also train your users to compare the “Friendly From” with the “Mail From”. It sounds complicated, but it is not, and you can do this in any mail user agent. Read this blog to learn more about how to do this. But you are probably wondering, “what if I’m checking email on my mobile phone?” Typically, mobile device screens are too small to compare the “Mail From” and “Friendly From” addresses. If you are checking your email from your mobile device and suspect a message is not from the actual sender, wait to check the message until you are on your laptop.
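The “spot the difference” image and the training advice above describe a check that can also be automated on the mail gateway. The following is an added example, written for this post and not Cisco Email Security's own Forged Email Detection logic: it parses the From header of a message, separates the display name (the post's “Friendly From”) from the address, and flags two of the tricks the post describes, a lookalike domain such as cisc0.com and a display name that carries a trusted address while the real address points elsewhere. The messages, the trusted-domain list and the confusable-character table are constructed for the example.

```python
import unicodedata
from email import message_from_string
from email.utils import parseaddr
from typing import Dict, Iterable

# Constructed: the domain a real deployment would protect (the post's example is cisco.com).
TRUSTED_DOMAINS = {"cisco.com"}

# Constructed confusable table: characters attackers swap for visually similar ones.
_CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "$": "s"})


def skeleton(domain: str) -> str:
    """Collapse a domain to a 'skeleton' so common visual substitutions collide
    (cisc0.com and cisco.com both become cisco.com)."""
    folded = unicodedata.normalize("NFKC", domain).lower().translate(_CONFUSABLES)
    return folded.replace("rn", "m").replace("vv", "w")


def classify_from_header(raw_message: str,
                         trusted_domains: Iterable[str] = TRUSTED_DOMAINS) -> Dict[str, str]:
    """Compare the Friendly From (display name) with the actual From address and
    return a verdict plus the fields that produced it."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    verdict = {"display_name": display_name, "address": address, "domain": domain}

    if domain in trusted_domains:
        # The domain is genuine; SPF/DKIM/DMARC must still confirm it was not spoofed.
        verdict["verdict"] = "trusted-domain"
        return verdict
    for trusted in trusted_domains:
        if skeleton(domain) == skeleton(trusted):
            verdict["verdict"] = "lookalike-domain"      # e.g. cisc0.com for cisco.com
            verdict["impersonates"] = trusted
            return verdict
    for trusted in trusted_domains:
        if trusted in display_name.lower():
            verdict["verdict"] = "display-name-spoof"    # trusted address shown, sent from elsewhere
            verdict["impersonates"] = trusted
            return verdict
    verdict["verdict"] = "external"
    return verdict


# Constructed sample messages (names and the freemail domain are invented).
SAMPLE_MESSAGES = {
    "legit": "From: Jane Exec <jexec@cisco.com>\r\nSubject: Q4 planning\r\n\r\nhello",
    "lookalike": "From: Jane Exec <jane.exec@cisc0.com>\r\nSubject: Urgent wire\r\n\r\nhello",
    "name_spoof": ("From: \"jexec@cisco.com\" <random@freemail.example>\r\n"
                   "Subject: Urgent\r\n\r\nhello"),
}

if __name__ == "__main__":
    for label, raw in SAMPLE_MESSAGES.items():
        result = classify_from_header(raw)
        print(f"{label:11} {result['verdict']:19} {result['display_name']!r} <{result['address']}>")
```

This is a deliberately narrow check: it does not accept subdomains of a trusted domain, uses a short confusable table rather than a full Unicode confusables list, and says nothing about whether a message from the genuine domain was actually sent by it. That last question is what SPF, DKIM and DMARC answer, which is why the post pairs user training with sender authentication on the gateway.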

Robust Sender Authentication in Your Email Security Solution

Another must when preventing BEC attacks is making sure that your email security solution has robust sender authentication capabilities. Cisco Email Security offers a suite of tools that include: DKIM, SPF, DMARC, as well as a feature called Forged Email Detection. This feature leverages a content filter that helps validate the sender’s identity and gives administrators a choice of remediation options. Also, by leveraging multiple pieces of intelligence available on Cisco Email Security, you can construct a customized policy to take the desired action. All of these tools make it harder for attackers to succeed.

To understand more about how Cisco can help address BEC and other email threats, visit http://www.cisco.com/go/emailsecurity. If you’re ready for a free test drive of Cisco Email Security, we’re offering a free, 45-day trial of our solution.

Authors

Claudia Martinez

Product Marketing Manager, Email Security

Marketing & Communications


The holiday shopping season is in full swing, testing the limits of your supply chain, workforce, and customer service. Above all, your customers remain at the center. Anticipating their needs and interests, and optimizing their shopping experiences – whether in a brick and mortar store, on a mobile device, or from the comfort of their own home – all of it impacts your bottom line.

As customers navigate bustling stores or opt to find holiday deals online, take a look at the most-read retail blogs of 2017. Learn about the trends, challenges, and solutions you need to know about to stop hackers in their tracks, reduce employee turnover, and understand the consumer of 2020.

  1. Protect your customers and your brand.
     Cisco’s Digital Network Architecture safeguards against security threats and anticipates attacks, helping to maintain a highly secure retail network. Since 86% of customers would prefer to shop elsewhere after a financial breach, it’s imperative to proactively protect and adopt a secure foundation on which to build your business. Read the blog here.
  2. Turnover is just as bad for the store as it is for the employee.
     The age of digital information arms customers with the latest tools to make educated purchasing decisions. In fact, 73% of customers believe they are more informed than sales associates. This underpins the importance of equipping employees with enhanced information and superior technology to capitalize on business opportunities and to execute frictionless business transactions. Read the blog here.
  3. The customer of 2020 is becoming the designer, the store, and the media – all in the palm of their hand.
     Late adopters of technology that optimizes customer experiences will fall behind their competitors. Consumers don’t care if 74% of the brands they use vanished. The implication is that customers have little sympathy for companies trailing behind the rest. Read the blog here.

So as 2017 comes to a close, these insights bring you one step closer to confidently meeting the consumer of 2020.

Authors

Nicki Vereschagin

Global Retail Marketing Content Strategist

Global Industries Marketing


Amidst the clamor and crush of getting ready for the holidays, and closing out the year 2017, there’s this other big thing going on for many of us: Prepping for the 2018 International Consumer Electronics Show, in Las Vegas.

You may ask why a company like Cisco, not necessarily known for consumer gadgetry, goes to a show like CES, often described as the Super Bowl of consumer products. We go because we’re in the connectivity business — and just about everything in the (vast) landscape of consumer electronics gadgetry needs a connection at some point, in order to do whatever it was built to do.

Whether it’s a screen displaying a 4K movie, a fitness monitor gathering biometric data, an AI analytics engine crunching metrics, or any of the “things” of the Internet of Things, they all need a (wired or wireless) way to move their data, at some point.

Our focus at the 2018 CES is on our customers — service providers of broadband, video and connectivity — and what they need to succeed, next year and beyond. Like revenue growth, for starters, to offset the relentless growth of broadband consumption, which is already straining network investments.

Maybe you’ve heard this before, but it warrants repeating: We’re now three years away from a (2021) service provider environment in which IP traffic growth will have increased 3X, to 278 exabytes a month, according to our most recent Cisco VNI Forecast data. That’s more than 14 times all the IP traffic generated in 2010! And this traffic is flowing to and from and across more than 27 billion connections, 51% of them supporting machine-to-machine interactions, and 48% of them video-capable.

Getting there, in a reasonably future-proofed way, will require, in our view, massive amounts of network scaling, via cloud-native infrastructure. It will require a ruthless simplification of networking and operations, through workflow automation. And, it will require an architectural approach to security, so as to protect infrastructure, applications, and end-points.

We’re already starting to see some attractive outcomes in the field. Here are some compelling numbers as evidence:

  • A 10% lift in ARPU associated with consumer video, amongst customers using our cloud-based Infinite Video platform
  • A 60% faster speed to revenue creation, associated with Smart PHY automation
  • A 70% increase in operational efficiencies, amongst customers leveraging our automation and orchestration resources for networking and applications
  • A 50% reduction in mean time to repair (MTTR), amongst customers using Cisco Control Center to gain real-time visibility into, and control over, service issues.

You can see all of this (and more!) for yourself in our CES suites at the Wynn. On the automation front, we’ll be demonstrating how automation ties into SD-WAN services, Smart PHY implementations, and a cloud-native CMTS designed to increase bandwidth and agility.

And, because CES is still very much a “video show,” we’ll be shining the spotlight on some advancements in our Infinite Video, cloud-DVR and mobile video platforms — like end-to-end latency reduction and cost optimization for ABR (Adaptive Bit Rate) video, as well as analytics and machine-learning enhancements to video experiences.

Our Cisco Jasper Control Center will be on display, illustrating how an automated connectivity management platform can link devices to global networks, customers, and back-end systems. That’s important when needing to address critical changes, without breaking the bank.

Last but not least, we’ll be showcasing our work on Cisco Kinetic, a first-of-its-kind IoT data operations platform designed to help enterprises to onboard and maintain the things of the IoT. It’s a great combination of connection management, fog/edge computing, and data delivery, in one platform, specifically designed for massive scale.

In closing, we’re going to CES because we’re big believers in connectivity, in all forms. We think the road to ruthless simplification is paved with automation, and we’ll have several examples on hand to share. And, as the largest security company in the world, we’re bringing resources that help to minimize known and unknown threat surfaces. Hope to see you there!

Authors

Marc E. Aldrich

Senior Vice President

GSP Americas


At Cisco, we have long advocated that “data and communications stored in the cloud should receive equivalent protections against unreasonable government search and seizure just like documents stored on premises or in paper files.” I was, therefore, pleased to see new guidance from my former colleagues in the US Department of Justice’s Computer Crime and Intellectual Property Section supporting this view.

The newly released advice is aimed at federal prosecutors and asserts that wherever practical, evidence sought in the course of an investigation should be obtained from an enterprise customer rather than from a third-party cloud service provider. Specifically, the guidance states that: “prosecutors should seek data directly from the enterprise, if practical, and if doing so will not compromise the investigation. Therefore, before seeking data from a provider, the prosecutor, working with agents, should determine whether the enterprise or the provider is the better source for the data being sought.”

Even in those instances where the enterprise itself is actually the subject of the investigation, there are mechanisms in the law empowering the government to require the provider to preserve information while the parties argue over its production. In offering this advice, the Department shows a recognition that the cloud service provider is a third party with no real interest in the investigation. As such, the provider is not well-positioned to ensure the government’s demands for information are properly limited to the scope of the investigation. In addition, the provider is not able to assert privileges that could be effectively raised by a party in interest. The document correctly observes that: “[t]his approach also gives the counsel the opportunity to interpose privilege and other objections to disclosure for appropriate resolution, and parallels the approach that would be employed if the enterprise maintained data on its own servers, rather than in the cloud.”

The memo appears to be advisory rather than binding. And there are a number of exceptions spelled out that would justify making demands directly to the provider. However, overall, the new guidance directing prosecutors to avoid demanding enterprise customer data from third-party cloud service providers is a step in the right direction.

Authors

Eric Wenger

Senior Director, Technology Policy

Global Government Affairs