Tag Archives: Data Security

Cloud Platforms, Data & Analytics, Tech, Tech Thought Leadership, Technology

Navigating the Future: Cloud Migration Journeys and Data Security

Paul Hossack, Solutions Engineer at Protegrity 

For years, businesses have been chasing innovation with cloud platforms, moving beyond the limitations of legacy technology for greater speed and agility, and sharpening their competitive edge. However, all businesses often face challenges that complicate cloud migration, driving up costs and timelines while exposing the business to data security risks. Ultimately, these challenges block businesses from experiencing the true benefits of cloud integration, and in some cases, lead to significant breaches and regulatory fines.  

Building cloud security solutions: measure twice, cut once 

The speed of cloud migration is most commonly hindered by data security concerns, budget overruns, fragmented implementations, and operational friction. These challenges – affecting the three key stakeholders within the cloud migration strategy of Data and Analytics Leaders, Security Leaders, and IT Leaders – often cause projects to run well beyond their planned timelines and budgets. In many cases, these migrations fail to deliver value because data utilisation is restricted by inadequate security, and extended timelines erode the business’s first-mover advantage. 

To overcome security challenges and protect the cloud databases, teams often adopt a DIY security approach. However, this is not as practical or scalable a solution as it seems. Cloud projects have a reputation for spiralling in scope, much like their ever-expanding namesake —often stretching far beyond the original vision teams had in mind. As the migration project rapidly increases in scale, teams are hampered by the number of security solutions required and soon realise they are investing time and resources into building custom cloud security solutions rather than moving forward with the cloud migration itself.  

To mitigate these issues, data security must be the foundation of every cloud migration project. Security cannot be treated as an afterthought or applied only to certain parts of a migration: instead, it must be unified and consistent across the entire organisation. When businesses prioritise security from the outset, they eliminate risk and operational friction, creating a secure and agile pathway to a competitive advantage in the cloud. Beginning a cloud migration journey with the foundation of data security also enables teams to be more considered and methodical in their approach; adopting the mindset of measure twice, cut once. Further, data security allows businesses to move data seamlessly across platforms, leverage any cloud, and develop cloud-native applications, all while maintaining speed, agility, and confidence. 

Navigating safety obstacles 

One of the major obstacles that businesses face is the increasing complexity of regulatory environments. Most notably, with DORA coming into effect in January 2025, businesses operating in the EU must meet new standards for technological risk management. This regulation requires businesses to demonstrate their ability to prevent, manage, and recover from cyberattacks and other operational disruptions. Failure to comply will potentially lead to considerable fines and reputational damage. Considering this, businesses must not assume that basic cloud provider security tools will be sufficient to effectively secure their sensitive data and meet the demands of regulatory scrutiny. Tools like encryption, identity and access management (IAM), and monitoring/logging provide a foundation, but they are not comprehensive solutions. Unfortunately, over-reliance on these tools can lead to compliance gaps and increased vulnerability. 

To meet the requirements of DORA and future regulations, business leaders must adopt a proactive and reflexive approach to cybersecurity. Strong cyber hygiene practices must be integrated throughout the business, ensuring consistency in how data is handled, protected, and accessed. It is important to note at this juncture that enhanced data security isn’t purely focused on compliance. Modern IT researchers and business analysts have been studying what differentiates the most innovative companies for decades and have identified two key principles that help businesses achieve this: Unified Control and Federated Protection. Unified Control establishes a centralised policy governing all data security measures, ensuring consistency and compliance across all platforms. Federated Protection implements these centralised policies across decentralised environments, allowing for flexibility while maintaining robust security. 

This clearly illustrates that comprehensive data security and governance allows businesses to grow and innovate with confidence: allowing them to take calculated risks with data security and compliance already accounted for. By using unified control and federated protection, teams avoid reinventing cybersecurity policies for every cloud migration project and instead focus their attention on fast, efficient project delivery. 

The data security (r)evolution 

Advancements in data security technologies are reshaping the cloud landscape, enabling faster and more secure migrations. Privacy Enhancing Technologies (PETs) like dynamic data masking (DDM), tokenisation, and format-preserving encryption help businesses anonymise sensitive data, reducing breach risks while keeping cloud adoption fast and flexible. However, as businesses will inevitably adopt multi-cloud strategies to support their processes, they will require interoperable security platforms that can seamlessly integrate across multiple cloud environments. Such platforms will not only enable faster, more secure migration processes but also allow businesses to achieve a rapid return on investment (ROI) that would otherwise be stunted by increasingly complex challenges. Ultimately, those that stay ahead of regulatory trends, while leveraging cutting-edge data security platforms, will be best positioned to thrive in the rapidly evolving digital landscape. 

News

1 in 5 people feel Open Banking is secure

Open Banking platforms still have a way to go to convince the public of their superior safety despite 1 in 5 feeling this form of online transaction is secure, according to I-Finity’s 2024 Open Banking survey.

Open Banking is not only safe and secure, but also faster and more efficient than regular online banking methods.

But many people are still concerned over the security of Open Banking suggesting that the public need more education on the topic.

Open Banking survey: the findings

I-Finity – a highly-experienced digital solutions company – surveyed 200 people who had used or currently use banking apps to find the public’s views on Open Banking security.

The results showed:

  • Only 1 in 10 felt Open Banking was not secure, with 23% feeling it was. 67% were unsure.
  • Just 46% of people were aware of Open Banking.
  • 36% of people would be unhappy to give personal data to an Open Banking app or platform.
  • 47% were unsure of whether they would give personal data, with just 18% certain they would be happy doing so.
  • Bank details being stolen was the biggest concern around Open Banking. with 20% choosing this option.
  • 18% felt the site might be a scam or phishing site.

While the survey highlights there is some reluctance by the public to adopt Open Banking, it also suggests education around the topic would be beneficial.

Like most new technologies – especially ones that involve personal data and money – there has been some scepticism around Open Banking’s security. But most of this is unfounded.

Russ Huntington, CTO of I-Finity, said: “The reality is that open banking is very secure. In fact, it’s more secure than traditional banking. But as with many financial products, everyday users can be a little wary.

“But with Open Banking you need to use secure data-sharing practices, such as using APIs and encryption, to ensure that customer data is protected.

“The connection between apps and Open Banking is also encrypted, which helps to keep data safe. Consumers need more education on how safe this form of banking integration is.”

Open Banking is highly regulated

The Financial Conduct Authority (FCA) makes sure that all open banking apps and APIs are regulated.

They create the standards that all third-party providers have to adhere to if they want open banking as part of their solution/environment.

Russ added: “Accessing Open Banking APIs is only possible for apps that have been through an independent audit to prove the systems and security controls meet the standards of the FCA.”

News

85 percent of UK consumers do not trust businesses with the privacy and security of their online data, but 50% prepared to overlook these concerns in favour of a better user experience

A recent study of 1,012 UK consumers, conducted independently by API management provider Axway, has revealed that the majority of Britons have serious concerns over how their data is stored and secured, however 50% are prepared to overlook those concerns in favour of a better user experience.

The study showed 85 percent of respondents are concerned about the privacy and security of their online data, with almost 75 percent agreeing that companies do not make it sufficiently transparent as to how they handle their data. Mistrust could potentially lead to detrimental effects for any organisation with an online presence: for 53 percent, a data security incident would be a reason to end the customer relationship for good. When asked more specifically, 49.4 percent replied that they would at the very least stop dealing with a company until the problem was solved or they could change their login details (30.8 percent). However, with 50% prepared to overlook those concerns in favour of a better user experience, organisations have an opportunity to build seamless digital experiences and form a foundation of trust.

The study also found that almost 70 percent of Britons would choose to work with businesses that offered a more secure approach to protect personal data. However, for almost 10%, engaging with a business still depends on how much trust they have in the company, irrespective of its approach to data protection. At the same time, just 22 percent trust “Big Tech” more with their data compared to smaller, independent or local companies, while 61.9 percent trust the large and smaller companies about the same.

VP and Chief Catalyst at Axway, Brian Pagano says: “Whether in energy, health, finance, or retail, companies are trying to stand out and provide brilliant digital experiences while also complying to industry data privacy and security requirements, which is no simple proposition. Eliminating friction in customer experiences is the biggest competitive advantage, and these survey results point to security breaches and privacy concerns as a snag in the fabric of the seamless experience people have come to expect”.

“Experience tells us consumers will go wherever the least amount of friction is, regardless of the custody chain of your data. If people feel unsure about how their data is being handled, companies have an opportunity to build trust so that their average consumer doesn’t need to concern themselves with these details. Enterprises can rely on a suite of tools, like Axway’s Amplify API Management Platform, which will give them scalability, privacy and security audit trails, and regulatory and compliance frameworks so they can focus on delivering the best and most secure experience.”