Security in clouds
As more customs agencies begin to communicate and cooperate with one another, the cloud is often viewed as the vehicle to share information.
“The dialog that’s going on today is around data management and what information needs to remain on-premise in a government data center and what data can reside off premise on a third-party data center,” said Noah Rosenkrantz, GreenLine Systems’ chief executive officer. “One of the things that we do see is that coordinated border management involving customs in collaboration with other agencies is more and more the norm from both a policy and operations standpoint.”
However, there’s a question about how much and the nature of trade information that will be comfortably shared by customs administrations through cloud computing.
“In the Internet you can secure information, but how well you can do it remains to be seen,” said Dietmar Jost, managing director of Dietmar Jost Consulting. “Experts have mixed assumptions and expectations over how well the cloud can work for customs”
He said that it is likely that core operations like duties and risk assessment will never move into a public domain, but they can work in a private cloud — a networked infrastructure that works the same way as the Internet but is only accessible on private servers and hardware.
The ability for cloud systems to automate processes will actually add another layer of security for some customs bodies. Many security concerns arise over which employees have access to what data. Sensitive data that’s provided to a cloud or single window system can be processed entirely by the software, and moving away from a manual process drastically reduces the number of people involved.
Cloud systems can also include specific clearance requirements for which personnel can access what data and how documents are sent and received. Moving away from printed and hand-delivered or mailed documentation adds yet another layer of security by removing multiple steps where access to documents cannot easily be limited.
Frank Callewaert, global technology strategist for Microsoft, admitted there were security concerns while Microsoft was working on the Trans-Kalahari Corridor system since it integrates with existing customs systems. He said the approach from Microsoft and its partners was to keep as much data stored on each country’s servers and not in the cloud so it would avoid security issues. For the corridor’s system, data storage and retention remains the responsibility of the national authorities.
“Moreover, as trade is cross-system, cross-industry and cross-border, the customs authorities are able to retain control of sensitive aspects of their own trade data,” Callewaert said. “From Microsoft’s research and experience, cloud computing offers at least as secure a data-hosting platform as alternatives and has the added benefit of providing a more flexible way to exchange data between authorities over highly secured data communication channels.”
Microsoft expects to promote systems similar to its Trans-Kalahari Corridor project where the cloud is simply an encrypted data carrier — delivering messages both ways but never holding on to the data itself. With all the processing of information being done on individual customs and company platforms, the risk is minimized to thieves having only a small window to break into the cloud service unnoticed and then being available to intercept and decode decrypted data in the seconds it takes for a message to be delivered.
We’ll send it to you!
Register now and get the free AS Daily.