Thursday , 23 November 2017
Home » NEWS » TOP 10 STORIES » Data Privacy: securing the key to digitalization
Yatin Chalke, Director Solutions Marketing and GTM, System Integrators and Outsourcers, VMware
Data Privacy: securing the key to digitalization

Data Privacy: securing the key to digitalization

Data is the gold dust of the 21st century, and with the amount of that data set to double every two years (reaching 44 trillion gigabytes by 2020), it’s allowing organisations of all sizes to open up opportunities to truly understand their customers. For instance, analysing data in near real-time and acting on insights to deliver superior experiences. Whether it’s enhanced products or tailored communication, a faster service or bespoke rewards, organisations across all sectors are looking for ways to get hold of and use their customers’ (and prospects’) data effectively.

 

However, the data bonanza is not a free-for-all. The very acts which excite businesses – holding and using data – have the potential to expose them to significant legal and reputation damage. Just as there has been a groundswell of interest in harnessing the power of data, so consumers are becoming more aware of their right to privacy and what giving away their data can mean. Organisations that fail to properly secure customer information not only face regulatory and legal sanctions, but can expect significant damage to reputation and trust. Even company officers are having to take personal responsibility for security failures. Marissa Mayer lost her annual bonus over the mishandling of security breaches that exposed the personal information of more than 1 billion users.

 

Governments are reacting to the increased demand for data legislation as well. Regulations such as the EU’s General Data Protection Regulation (GDPR) which comes into force on 28 May 2018 guarantees the data privacy rights of any EU citizen, no matter where their data is being held or processed. It will have consequences for businesses globally, not just in the European Union. However, not all companies are prepared for GDPR, with 8% of those surveyed in the UK feeling that none of the required measures were in place to meet anticipated GDPR requirements, which was echoed with their German (8%) and French (12% percent) counterparts.

 

This leaves enterprises with a tricky balancing act. As they embrace digital transformation strategies, the use and storage of data will be critical. They must use data to deliver the commercial edge they need, whilst ensuring they protect that data from increasingly sophisticated threats. All at a time when being truly digital inherently means increasing the attack surface area of an organisation.

 

Enjoying choice while maintaining control

 

Enterprises want to be truly digital – this means being agile, secure, scalable and cost-effective. On the surface, being agile and scalable would seem incompatible with being secure. Ultimately, however, all these bases need to be covered if businesses are to realise the vast benefits of digitalisation. This is what Gartner terms as ‘the use of digital technologies to change a business model and provide a new revenue and value-producing opportunities’. In a recent study from 451 Research[1], commissioned by Atos and VMware, the research group  looked at the major trends and expectations around cloud adoption. They found that increased agility and delivering scale was among the top three drivers of planned cloud projects for US and European enterprises. The 2 top driving factors are influencing the decisions to get the right infrastructure in place to enable digitalisation.

 

In the past, it was an either-or situation, businesses that wanted to be mobile and connected were leaving themselves open to attack, and that pervasive digitalisation could not be married with compliance and governance.  Unfortunately, being safe often beats out a great user experience. It’s a perception that still holds firm.  In the 451 Research study, they reported 48% of European organizations* are considering moving applications to private clouds for security and control reasons, but also that security continues to be one of the significant barriers to cloud adoption. This is entirely understandable when one considers that, according to Gartner, the need to prevent data breaches from public clouds will drive 20% of organisations to develop data security governance programs by 2018.

 

Having the infrastructure to protect the 21st century’s most valuable commodity

 

Unfortunately, there isn’t a single silver bullet. What’s required is an infrastructure which reflects the needs of the business, covering its requirements across a number of environments. Private clouds certainly do offer secure environments, but public clouds have the edge in flexibility. It’s also important to understand how applications evolve – from test and development through to go-live ready deployments. Each iteration may work best in different environments, so being able to migrate easily is critical to get products and services to market whilst keeping compliant and maintaining security.

 

It might seem like a great idea in theory, but can it really happen in practice? Surely no organisation can truly enjoy both the benefits of digitalisation whilst remaining secure?

 

It does happen. The Olympics is a prime example – the Rio 2016 Olympic Games not only delivered a truly digital event, on a larger scale than London 2012 with computing power used more efficiently, but it also protected the data of thousands of athletes, media, volunteers and other individuals whilst processing accreditations and access, quickly against immovable deadlines. It also dealt with 400 security attacks a second, or 510 million IT security events across the course of the Games – double the number dealt with during London 2012.

 

Without data security, there is no business

 

The fact is that organisations will be judged on data protection. The introduction of the GDPR will help to increase awareness of the steps enterprises should be taking, and has far-reaching implications for any business which touches the EU, no matter where they’re based.

 

At the same time, however, customers are unlikely to accept a drop in user experience. Being secure is one of the core tenets of digitalisation – any business wanting to reap the benefits of digital needs to incorporate it alongside agility, scalability and cost-effectives. The right, fit-for-purpose infrastructure will go a long way to enabling that balance.

About Dan Raywood

Dan Raywood is the editor in chief of the IT Security Guru. A journalist with more than 13 years experience, Dan has been at the forefront of the information security industry.

As the news editor of SC Magazine he covered breaking stories such as Stuxnet, Flame and Conficker and the online hacktivist campaigns of Anonymous and LulzSec, and broke the news on the EU’s mandatory data breach disclosure law and a vulnerability which affected more than 200 sites.

Contact Dan on dan@itsecurityguru.org, by phone on 0207 1832 839