Security Policies

Who is the Biggest Brother?

Kathryn Cave speaks to Rajiv Gupta, CEO of Skyhigh Networks about Big Brother, shadow IT and safety in the cloud

“Big Brother is watching you,” is one of the most famous lines in George Orwell’s post war classic, 1984. Featuring a host of brilliant sound bites it has spawned international TV shows, advertising campaigns… and feels increasingly apt for its most sinister connotations.

Now the terror of being spied upon has gone into overdrive. In fact, Big Brother could be one of the most overused phrases and it sometimes feels like we’re all running round like headless chickens unsure of who the biggest brother is.

Last week Brazil announced that it has plans to create secure email services, which President Dilma Rousseff revealed via Tweet was to "prevent possible espionage". The ultimate aim was to shut out foreign snooping by NSA (US National Security Agency) and GCHQ (UK Government Communications Headquarters).

This is an international issue, but at the national level many people see programs like the Indian biometric profiling initiative as seriously compromising. Whilst at the local level many worry about the Big Brotherish elements of their own companies, or to drill it down even further, their IT departments.

Cloud visibility and control companies like Skyhigh Networks can’t help sitting firmly at the forefront of this debate. An article published in The Register in February ran under the headline “Skyhigh Networks lets bosses snoop on employee cloud use”, with the sub-head “Big Brother for the (secure) common good”.

Rajiv Gupta, CEO of Skyhigh Networks is keen to counteract these charges over the phone. “The previous mind set [before ubiquitous cloud services] was much more Big Brotherish – IT knew exactly what was going on all the time. [Today] the IT organisation does not want to be in the Big Brother business it wants to be in the enablement business.”

“Just because I'm discovering all the [different cloud] services my employees are using [on their machines],” he continues “doesn’t mean I want to reprimand my employees, it could be because I want to educate my employees [on which are the most safe]. Of these [various cloud] choices you have [different levels of] risk. The employees themselves are not aware of this risk information they find it valuable to be educated.”

“IT is not Big Brother, it is enabling people to use the services they want. In fact if anything, it is preventing the Bigger Brother which is NSA or the US government, or whatever, from peeking into your data.”

Gupta sees the fundamental aim of Skyhigh Networks as to counter the negative impact of shadow IT. “The whole cloud movement is based on a simple consumption model,” anyone can sign up to cloud services. “IT is starting to feel like it’s not relevant.  Yet when it comes to safeguarding the company’s governance and compliance IT is still very relevant. We’re giving IT the means to assert their position at the seat of the table and become an enabler for the organisation.”

The idea came about in late 2011/early 2012. During the period, Gupta spoke to 120 luminaries in the industry to understand their key issues and pain points. Through these conversations the potential and risk in the cloud emerged as recurring themes. Gupta describes himself as a “technologist by training and entrepreneur by choice” and tells me that as far back as 1992 he started a project at HP labs about computing as a utility. “I’ve been thinking about cloud, even before it was called cloud.”

In a short space of time, the cloud has changed the whole dynamic of most organisations. Via the ability to facilitate other business leaders it has changed core roles within companies. “Running the server didn’t give IT any pleasure of joy, it wants to enable fast innovation for the CMO, CFO and line of business,” Gupta explains.

“IT can become an enabler. Instead of allowing the CMO to go rogue it can allow the CMO to get the same quality of service, the same velocity that they want, [but with a] safety net.  Let the CMO have his or her own way whilst at the same time not being compromised from a security point of view.”

This highlights wider issues around security. In a research report IDG Connect produced this June on Data Sovereignty, we looked at how, despite its air of intangibility, the cloud is actually a physical server hosted somewhere in the world. Yet many organisations simply don’t understand local data protection rules. Findings revealed that although 70% of organisations are concerned about Data Sovereignty, just 36% are aware of relevant laws & legislation. And only 23% of companies that use the cloud know in which country their cloud is based.

“Data is in a data centre and available to be snooped by NSA,” says Gupta, yet the promise of Skyhigh Networks is that you get “the benefit of cloud from a US entity but at the same time making sure your data is not available to a US government body.”

There is no getting away from the fact that increasing volumes of our data is out there and it is being watched by someone. There is no stopping the fact that information is shifted around the world in a series of industrial data warehouses. Maybe the question we should be asking is: who is the least offensive spy?


Kathryn Cave is Editor at IDG Connect


« SolarWinds Winning through Gentler Approach to IT Headaches


The CMO Files: Wolfgang Runge, Vice President EMEA Marketing, HP Software »


Do you think your smartphone is making you a workaholic?