Due to improved analytics and the rapidly growing benefits of cognitive computing, data is becoming an even more critical growth asset central to all business operations.
Not only this, but with the increase of cyber attacks and new regulation such as General Data Protection Regulation (GDPR) soon coming into force, control over data is now at the top of all organisations’ agendas.
Now is the time to rethink architectures to enable companies to use data to drive digital transformation, while keeping full control of one of their key assets – data.
In order to compete in a market being transformed by the availability of cloud services, many businesses are realising that they need complete control and transparency of their data management – where it is, who has access to it and how it is protected.
>See also: Is business data AI compatible?
The way they collect, organise and activate this data will be essential to their future. This is why many businesses are now putting their data in the cloud – ensuring their most critical asset is always in the hands of experts, with increased access to cognitive analytics.
Data on the moveIn today’s digital environment, data is crucial to the operation of businesses. They need secure, compliant access to this through a multitude of channels. For example – a bank needs access at the branch, online, and via mobile.
Wherever the operation is taking place, there needs to be a secure and compliant connection to the data centre, with consistent processes across the whole environment – from mobile to mainframe.
Making this data available across geographies and channels only makes security more complex, with a growing range of endpoints and regulation to consider.
Data residency is important for organisations to consider when moving to the cloud. IBM – through its growing cloud footprint in Europe, the UK and other global centres – can offer clients the choice of where their data is stored.
The giant advocates for client choice of data residency while opposing government-mandated data localisation, with the exception of sensitive data for example related to national security or critical infrastructure.
New rules and regulation
The General Data Protection Regulation (GDPR) is another key piece of regulation to consider, which comes into force next year.
The aim of GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world, massively increasing the scope of data protection and residency from the 1995 directive.
One of the major changes set to impact businesses is that serious breaches, which are likely to “result in a risk for the rights and freedoms of individuals,” must be reported within 72 hours. Those in breach can be fined up to 4% of annual global turnover, or €20 Million – whichever is greater.
The current models in place for handling data will need to change – and businesses are looking to sophisticated cloud providers to assist with this complexity.
Security in the cloud
With the prospect of significant fines for those who are in breach, security is top line priority for many organisations. While some still view cloud as less secure, enhanced security can be a key reason for moving to the cloud – but not all clouds are created equally.
Some cloud providers can often offer more advanced security expertise than is available in house, managing end to end security needs – from identity and access controls, to data protection and even threat intelligence.
This gives the end customer complete control of the cloud including the application and the hypervisor, all the way to the processor level.
Knowing who has access to what and where, otherwise known as ‘identity and access management’, is crucial.
Cloud identity management – also known as ‘Identity as a Service’- gives businesses complete control over this, minimising the insider threat and ensuring there are no weak links in the chain.
Hardware can also prove vulnerable. With ‘bare metal’ cloud servers, businesses can ensure that security and data geo-fencing is provided all the way to the processor level.
They get the flexibility and pay as you go benefits of cloud without sacrificing control of visibility over the environment.
With logical access and security controls, businesses can be assured that workloads are only being run on trusted hardware in the designated geography.
Businesses can be further reassured that the cloud is safe and secure with the introduction of the European Cloud Code of Conduct.
The Code is rigorous – companies that sign up must meet all of the requirements with no room for opt-outs or exceptions.
Not only does the Code align with the current legal framework for data protection in Europe, but it also aligns with core elements of the GDPR.
A hybrid solution
One of the industries most concerned with security is financial services. Even businesses in this highly regulated industry are now expanding their cloud solutions.
While there is still a demand for in-house IT to run certain core systems and store particular data types, hybrid cloud is increasingly being seen as the most effective solution for this type of industry, integrating local, public and shared options.
One bank already taking advantage of these benefits is Boursorama, a subsidiary of the Société Générale Group and leader in online banking, online brokerage and financial information services.
By deploying its services through a cloud infrastructure, Boursorama has been able to improve management of IT resources by quickly activating servers based on specific client needs and usage. It has also been able to strengthen the security and resilience of its websites.
Through a global, 24×7 managed backup solution for its back office that leverages one of IBM’s business resiliency centres, Boursorama has been able to speed up recovery times by providing faster access to the crucial applications and data that are core to its business.
In a data led economy, businesses today can’t afford to lose track of their most valuable asset. So the question is, do you know where your data is?
Sourced by Jonathan Wisler, Leader Europe Bluemix IaaS at IBM