Swisscom’s ‘Swiss Cloud’ services could be attractive to companies concerned about the extent of government surveillance
Swiss government backed telecom Swisscom, is looking to pitch its “Swiss Cloud” cloud services to enterprises concerned for the security of their data in the wake of the NSA spying scandal.
The telco has been offering cloud services through its Dynamic Computing Services products since 2010, with a focus on Switzerland-based clients such as banks. On Sunday, however, the company said it is considering aiming its cloud services at foreign companies looking to take advantage of Switzerland’s strict privacy laws.
Swisscom head of IT services Andreas Koenig told Reuters that as privacy becomes more of a pressing issue, it could make sense for companies to store their data in countries such as Switzerland.
“Data protection and privacy is a long tradition in Switzerland, and that’s why it’s pretty difficult to get to something,” Koenig said.
While in the US, laws such as 2001’s Patriot Act and 2008’s Foreign Intelligence Surveillance Act (FISA) are designed to expedite government surveillance of data, Swisscom would have to receive a formal request from a prosecutor before allowing data access, according to Koenig.
“If legal requirements are there and we are asked by the judge to obtain or deliver certain information then we would obviously have to comply with it,” he said.
Swiss regulations require Swisscom to store all client data within the country, while the Swiss financial regulator FINMA also requires all data transfer between Swiss financial organisations to be carried out within Switzerland.
Swisscom already pitches the advantages of its “Swissness” to Switzerland-based companies concerned to protect their data’s privacy. “At Swisscom your data is stored in a private cloud in our own state-of-the-art data centers here in Switzerland,” the company says on its Dynamic Computing Services website. “We guarantee data protection and legal security in compliance with Swiss law. Access to personal and business-critical data is protected at all times, even from abroad.”
A logical next step could be to target foreign companies looking for a privacy haven, Swisscom said, but added that it is difficult to guaranteed the security of data that crosses borders, for instance when users are located abroad.
In light of the NSA spying revelations, the Swiss government is looking to bolster its anti-espionage measures to protect the country’s financial centre, which is worth more than $2 trillion (£1.3tn).
Last week Google called for urgent reform after it emerged that the NSA could have harvested information going through the fibre optic channels connecting its data centres, a spying method also reportedly applied to Yahoo.
Classified documents disclosed by Edward Snowden and published in the Washington Post suggest that the data was collected outside the US, where the privacy guidelines are less restrictive, and then processed by an NSA programme codenamed ‘MUSCULAR’, operated in partnership with UK’s GCHQ.
Both companies say they have never offered this level of access to the spy agency and the director of the NSA, Keith Alexander, had previously denied the organisation was monitoring the servers of large US corporations.
Are you a security pro? Try our quiz!