Microsoft's Tighter Encryption: Why Others Should Follow Its Lead
And, yes, tapping into a fiber-optic data cable is entirely possible, and it's done regularly by foreign intelligence services. The U.S. military has routinely been deploying submarines to install fiber-optic cable taps on undersea communications cables, and it's a sure bet that other governments are doing this, as well. Perhaps you think that your data isn't valuable enough to be worth the cost of deploying a submarine, and perhaps you're right. But if your data is there along with the data from the intended target, it'll still get swept up. Fortunately, there are steps you can take to at least make it inconvenient to entities who may want to steal your company's most critical data. The first is to make sure that some encryption is always in use when your information is moved around the company and over the Internet. At the very least, make sure that Secure Sockets Layer (SSL) encryption is enabled for any data transfer. Second, for those times when you need to move data outside the company, use a service that encrypts your data before it leaves your site, encrypts it en route, and keeps it encrypted when it arrives at its destination.Does this mean that you shouldn't worry about the NSA? No, but if the U.S. government wants access to your data, then your network providers are compelled to hand it over. On the other hand, your network provider isn't compelled to hand over data to cyber-criminals and probably not to the Chinese military (unless your networks travel to China). However, those entities are at least as interested in getting your secrets as the NSA is, and there's no point in making the process easy.
Finally, if you routinely transfer data over a fiber link, whether it's to another data center of yours or to a third-party hosting service for disaster recovery, storage or backup, use an encryption appliance before the data travels outside your building. Encryption appliances are available from a variety of vendors, including Cisco, Certes Networks, Symantec and others.