August 3, 2016

Latest ruling for Microsoft reinforces how secure client data is in the cloud

Technology companies in the USA have welcomed Microsoft’s recent successful opposition to the US Government’s demand to access email content stored on a server in the Republic of Ireland.

Throughout the case, Microsoft received widespread support including the filing of amicus briefs by 28 technology and media companies, 23 trade associations and advocacy groups, 35 computer scientists and the Irish Government itself.

This landmark ruling makes it clear that the US Government can no longer seek to use search warrants under the Stored Communications Act to access foreign servers and obtain data on people whose data is stored in other countries. This should also help to assure customers of US-based cloud technology companies globally that their data is safeguarded.

Microsoft President and Chief Legal Officer, Brad Smith, expressed how pleased the company was with the ruling in a emailed statement, “The decision is important for three reasons: it makes sure that people’s privacy rights are protected by the laws of their own countries; it helps to make sure that the legal protections of the physical world apply to the digital domain; and it paves the way for better solutions to address both privacy and law enforcement needs.”

What does the ruling mean for board material stored in the cloud? Given that the largest and most well-known companies in the board collaboration market are based in the USA, this ruling helps to reassure customers outside the USA that they can be confident that sensitive board materials and personal information cannot be accessed by US Government bodies via a Stored Communications Act warrant if it is stored outside the USA.

The single biggest risk to an organisation’s most confidential data is, in fact, people. Board members put data at risk when they use out-dated, insecure tools to receive board materials. The practice of distributing physical paper copies of board books is high risk – loss, theft or misplacing this information can result in a devastating series of consequences including both significant financial and reputational losses. Similarly, sharing this information via PDF files over email accounts outside of the company’s firewall can expose the information to a range of cyber-attacks and hacks.

Board members are high-priority targets for cyber-criminals and with cyber-attacks becoming more prevalent, it’s essential now more than ever to use secure technology.

The ruling in the Microsoft case just adds further reassurance for international customers of Diligent Boards – the leading board portal solution. Securing client data is high priority and we take serious measures to make sure that this is enforced at every level. International customers can be confident that they are currently protected from US Government warrants under the Stored Communications Act. This is because international customers’ board data is housed in a world-class hosting infrastructure on secure servers in Germany and Canada, unless otherwise requested, that are owned and operated by Diligent. Furthermore, our board portal is accredited with the ISO 27001 certification information – the gold standard for information security management.