Cloud:Think!BeforeUsage: Difference between revisions

From queowiki
← Older edit
No edit summary
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 3: Line 3:
'''T H I N K !'''  BEFORE YOU USE THEM
'''T H I N K !'''  BEFORE YOU USE THEM


* Privacy shield
* '''Privacy shield'''
: * Since 2020-07-16 there's no more data agreement at all between the U.S.A. in the European Union at all.
: - Since 2020-07-16 there's no more data agreement between the U.S.A. and the European Union at all.
:: [https://de.wikipedia.org/wiki/EU-US_Privacy_Shield de.wikipedia - privacy shield is void ]
:: [https://de.wikipedia.org/wiki/EU-US_Privacy_Shield de.wikipedia - privacy shield is void ]
* US cloud usage risk:
:: [https://www.heise.de/news/iX-9-2020-Risiko-US-Software-4878878.html NO legal basis for US cloud usage for companies in the EU anymore]
:: [https://www.heise.de/hintergrund/Nach-Privacy-Shield-Aus-Unternehmen-muessen-Software-und-Dienste-ueberpruefen-4877375.html EU companies have to investigate their US cloud usage NOW!]
:


* US Cloud act
* US Cloud act
Line 11: Line 15:


'''PROVIDER "fails"'''
'''PROVIDER "fails"'''
: => unsorted links below, (german/english URLs mixed) work in progress...
: => unsorted links below, (german/english URLs mixed) - work in progress...


: * Apple
: * '''Apple'''
:: [https://www.golem.de/news/icloud-sicherheitsforscher-entdecken-55-sicherheitsluecken-bei-apple-2010-151418.html 2020-10-09 - 55 security fails on icloud]
:: iCloud
::: [https://www.golem.de/news/icloud-sicherheitsforscher-entdecken-55-sicherheitsluecken-bei-apple-2010-151418.html 2020-10-09 - 55 security fails on iCloud]


: * Microsoft(Azure/Office365)
: * '''Google(GCP)'''
:: [https://www.golem.de/news/office-365-warum-microsoft-die-datenschuetzer-spaltet-2010-151315.html 2020-10-06 office365 is GDPR/(DSGVO) INCOMPATIBLE]
:: [https://www.golem.de/news/strafverfolgung-google-rueckt-ip-adressen-von-suchanfragen-heraus-2010-151435.html 2020-10-10 - Google IP-addresses/search requests/US law enforcment/GDPR incompatible?]
:: Azure Monitoring Agent for Linux  
 
: * '''Microsoft'''
:: Office365
::: [https://www.heise.de/news/Microsoft-Office-365-Die-Gruende-fuer-das-Nein-der-Datenschuetzer-4919847.html 2020-10-05 => office365 is GDPR/(DSGVO) INCOMPATIBLE #1]
::: [https://www.golem.de/news/office-365-warum-microsoft-die-datenschuetzer-spaltet-2010-151315.html 2020-10-06 => office365 is GDPR/(DSGVO) INCOMPATIBLE #2]
:: Azure
::: ''Azure Monitoring Agent for Linux ''
::: - no automatic update/no repository available
::: - no automatic update/no repository available
::: - a lot of files have wrong DAC settings (up to completely wrong octal notations of 777)
::: - minimal RAM requirements for one host 10GB of RAM (!)
::: - minimal RAM requirements for one host 10GB of RAM (!)
::: - potential memory leak ahead
::: - potential memory leak ahead
Line 25: Line 37:
::: - no predictive monitoring like the partition /opt will be full in 3 days
::: - no predictive monitoring like the partition /opt will be full in 3 days
:::: Prometheus and a lot of other tools are capable out of the box to accomplish that
:::: Prometheus and a lot of other tools are capable out of the box to accomplish that
::: many more to come
::: ...many more to come...
 


: * Google(GCP);
'''SOLUTIONS:'''
:: [https://www.golem.de/news/strafverfolgung-google-rueckt-ip-adressen-von-suchanfragen-heraus-2010-151435.html 2020-10-10 - Google IP-addresses/search requests/US law enforcment/GDPR incompatible?]
There are solutions for this dilemma, use on-premise installations/servers (although it's old fashioned), create your own '''private''' cloud (e.g. with OKD (Origin Community Distribution)), use Nextcloud instead of sharepoint/onedrive, and so on.

Latest revision as of 07:58, 3 September 2021

No mattter whether you use Amazon(AWS), Google(GCP), Microsoft(Azure/Office365), or any other Cloud service, there's one rule for all of them:

T H I N K ! BEFORE YOU USE THEM

  • Privacy shield
- Since 2020-07-16 there's no more data agreement between the U.S.A. and the European Union at all.
de.wikipedia - privacy shield is void
  • US cloud usage risk:
NO legal basis for US cloud usage for companies in the EU anymore
EU companies have to investigate their US cloud usage NOW!
  • US Cloud act
US law enforcement has the permissions to get acces to all your cloud data

PROVIDER "fails"

=> unsorted links below, (german/english URLs mixed) - work in progress...
* Apple
iCloud
2020-10-09 - 55 security fails on iCloud
* Google(GCP)
2020-10-10 - Google IP-addresses/search requests/US law enforcment/GDPR incompatible?
* Microsoft
Office365
2020-10-05 => office365 is GDPR/(DSGVO) INCOMPATIBLE #1
2020-10-06 => office365 is GDPR/(DSGVO) INCOMPATIBLE #2
Azure
Azure Monitoring Agent for Linux
- no automatic update/no repository available
- a lot of files have wrong DAC settings (up to completely wrong octal notations of 777)
- minimal RAM requirements for one host 10GB of RAM (!)
- potential memory leak ahead
- monitoring processes with syslog - sorry I've never seen that before
- no predictive monitoring like the partition /opt will be full in 3 days
Prometheus and a lot of other tools are capable out of the box to accomplish that
...many more to come...


SOLUTIONS: There are solutions for this dilemma, use on-premise installations/servers (although it's old fashioned), create your own private cloud (e.g. with OKD (Origin Community Distribution)), use Nextcloud instead of sharepoint/onedrive, and so on.

Retrieved from "https://quehenberger.org/queowiki/index.php?title=Cloud:Think!BeforeUsage&oldid=137"