The role of security in a connected world
Data that companies acquire, manage and secure today is much
different to what it was even a couple of years ago. The variety, volume and
complexity of customer and internal data held is placing new demands on CIOs
both from a pure manageability front but also from external compliance and
regulatory requirements.
Securing this data used to be purely an issue of its
integrity and availability. Good backup and recovery, disaster recovery and
business continuity plans were enough to satisfy the needs of the organisation.
However in a world with mass connectivity, on-line transaction processing and
social media information gathering, the security priorities and rules have
changed.
Now organisations cannot just set their own data security
policies. The EU, national governments, industry regulators and individuals all
have a say in what information can be held, where it can be located, how it
must be secured, who has access and what can be done with the data.
At this year’s Powering the Cloud event the whole subject of
data security will be addressed in one of our major Spotlight Sessions.
One of the main topics that will be addressed within the
session will be the European Commission's ‘proposal for a General Data
Protection Regulation’ which represents almost certainly the most significant
development since the EU Data Protection Directive.
Where the directive was interpreted and implemented at a
national government level this proposal is an EU regulation and as such will be
applicable in all member states, without the need for national implementing
legislation.
The proposed regulation is that companies should have only
one regulatory authority that supervises its activities across all EU member
states. At face value this sounds great but already there is dissention from
consumer activists and global companies and it emerged recently that US
regulations on data security mean that data held on US territories or by US
companies globally can be accessed by the US government for national security
reasons.
Not sure how Amazon Web Services and Microsoft Azure can
sell this to European companies but that amongst many other issues of
legislation, including PCI compliance, will be discussed and debated in this
Spotlight Session.
As just mentioned when data starts to exist in the Cloud its
security becomes a major issue for everyone. Leaving aside the international
regulations that are coming into effect, there are many other data security
challenges that the Cloud brings to the fore such as data isolation, integrity,
availability, compliance and privacy.
During the session we will address all these issues and
explore the contentious notion put forward by many Cloud providers that they
have implemented better security than most Enterprise IT departments deploy in
their own data centers.
Though many CIO’s might dispute this claim there is no doubt
that they are using the cloud as part of their security strategy. That can be
everything from data replication and disaster recovery to using the cloud as a
DMZ for mobile users and customer interaction.
In this connected and mobile world CIOs are being
particularly creative in building secure data environments, and during this
session we will also have case studies of the challenges enterprises and
government organisations have faced and how they have addressed them.
We will also explore why many vendors and service are
developing Unified Data Security solutions and whether there is a reality in
this notion or whether it is still more appropriate to buy best of breed
solutions.
The overall aim of this session is that delegates will have
identified some answers to their own data security challenges and shared ideas
through the panel sessions. If data security is high on your list of priorities
then this Spotlight Session is one you must not miss.
No comments:
Post a Comment