Should hosts cooperate with law enforcement?
Alex de Joode, security officer of global hosting provider LeaseWeb, discusses why it is vital that law enforcement agencies and hosting companies should cooperate, and why trust is critical to the relationship
Do the police have the expertise to locate a ‘wanted’ server in a data centre, and once located, are they able to take down servers causing minimal disruption and damage, without the help of a host? The answer in most cases is ‘no’.
Just a few months back, it was widely reported that the FBI took down servers from a hosting data facility in the US, which caused a number of websites of innocent companies to disappear. Operations had to be transferred to other locations, or worse, sites weren’t accessible for an extended period of time. As the host in question wasn’t aware of the FBI taking action, customers of the hosting company weren’t immediately notified and the issue resulted in disruption and downtime for a lot of innocent people. A lack of communication and a clear divide between the authorities and the host was evident in this example.
With cyber-attacks becoming increasingly common on a global scale, safety and internet security are at the top of the hosting agenda. Bearing this in mind, hosts need to be aware of the legal and judicial powers the authorities hold in order to enforce compliance with their requirements. Similarly, authorities need to be mindful of technical, legal and regulatory issues, not to mention differences in international law if they are to comply. It is therefore in the interests of both hosting providers and their customers to communicate with the authorities on an ongoing basis, so all parties involved can collaborate more efficiently.
So what can businesses do to really build and maintain relationships with the authorities to ultimately ensure uninterrupted uptime for their customers?
The first key factor is a willingness to cooperate. If hosting providers really want to help tackle cyber-crime, for their own business as well as for their customers, they need to be open and responsive to law enforcement agencies. However, both parties need to understand that it is the law that sets the boundaries within which they cooperate. By simply communicating with law enforcement agencies before any action takes place, hosts can take the appropriate action to minimise disruption and downtime for customers, as well as helping protect their privacy and property.
The second factor that deters the risk of problems occurring is the presence of a dedicated security department within the hosting provider. Having an experienced and qualified team of staff who are capable of dealing with complex security issues has a positive effect on many processes within the company. By devoting a section of the business to specifically deal with upcoming security issues and threats, companies can ensure serious situations are handled correctly. In addition, having a knowledgeable team that thrive under pressure and are trained in the field, hosts will have the resources to be able to tackle these problems quickly, especially if the authorities do make contact and need to intervene. A dedicated security office will speed up the process, minimising the risk of an issue spreading whilst also making the best use of both the host’s and authorities’ time.
The single most important factor to making the relationship work is trust. This is something that has to be built up over time between the hosting provider and the law enforcement agency, so that both parties see value in the relationship. Maintaining strong relationships through regular dialogue is imperative to the trust factor. This is mutually beneficial for both parties as together they can agree on a legitimate process that is effective for the police but, at the same time, does not interrupt the hosts’ ongoing business.
Hosting providers should also show evidence that they are on the cutting edge, by keeping themselves up to date and educated about potential issues by attending security conferences and monitoring hacking forums. By thinking more creatively and monitoring forums like these, hosts can intelligently keep abreast of hackers’ intentions and be more aware of criminal developments in cyberspace. This allows for both hosts and the authorities to act quickly, meaning the hosts aren’t wasting valuable time.
LeaseWeb has strong relationships with the Dutch authorities. This means problems are dealt with fast, mainly because as soon as an issue arises LeaseWeb notifies its customers. By providing them with this intelligence, customers are kept in the loop and the authorities only need to be alerted if the problem escalates.
Building relationships with the authorities is something all hosting providers should be actively thinking about, if not already pursuing. With the correct protocols and operating procedures in place, hosting companies can foresee and potentially avoid serious issues.
2 comments
Comment: 1
Comment: 2
The U.S. government just put an innocent black man to death yesterday, yes, me, Troy Davis. The U.S. government used A LOT of government and police time and money to try and stop activists from protesting my illegal death--not to mention the death penalty and all the other innocent people on Death Row in the U.S. But, yesterday a white guy, an admitted murderer, was pardoned from Death Row!
The U.S. admitted to faking evidence of weapons of mass destruction in Iraq--but they are still there and sucking out more oil at lower prices then ever. Of course the Iraqi people are way worse off, and if there were elections allowed about whether U.S. troops should leave (the U.S. has always banned referendums on this question), they'll overwhelmingly "U.S. Out Now!"
Same with Afghanistan. Same with Libya. Libya is such a blatant re-colonization of Africa. Put up an effective website about this--or racist police brutality--or the many Black political prisoners in the U.S.--or the many Muslim put into complete isolation ONLY due to their faith!! Yes, the U.S. has legal solitary confinement for life--for doing nothing! No rules whatsoever to the Communications Housing Units.
Now, President Obama can KILL any citizen, American OR foreign based SOLELY on his say so! No evidence, no court process, nothing their mom or dad or anyone can go to and see! Tens of thousands are on the "No Fly" List. How do you get on? How do you get off? Hey, still secret? Why ya wanna know? You some kinda terrorist or something?
Racist police brutality is a huge problem still in AmeriKKKa (as it seems to be in London and Paris according to newspapers). The police legally can collect info on activists via their ISP, and in America, the activist never knows. How many people have Yahoo and Google killed by giving their email identities to government authorities? We should NEVER give email info to the government of human rights activists. And of course the government will say, oh, they are criminals, trying to __________.
Come on, Net magazine. There are a LOT of us who volunteer all the time for people we see around us getting beat down by racist cops. For our sisters and brothers in Iraq, Afghanistan, Libya, Pakistan killed by drones and online activists jailed. In the U.S. too!!