As many organizations begin to look to the cloud to increase the efficiency and availability of their databases and applications while reducing costs and complexity, one of the reasons for pause is concern about security.
This year at Data Summit 2017, Michael Corey, director, cloud computing evangelist, Spectrum Enterprise Navisite, and Don Sullivan, product line marketing manager for Business Critical Applications, VMware, engaged in an entertaining conversation on the topic of cloud security.
“Security is constantly evolving,” stated Corey. “I wish I had more access to the data from the IoT. If I wanted to be completely safe I would just cancel the internet.” Corey and Sullivan emphasized that users are responsible when it comes to their security. Citing the recent ransomware hack, they attributed that a lot of the afflicted users to using an outdated operating system and just a general disregard for their own security. “Anybody who is still doing their updates manually is living in the dark ages,” noted Corey. “It is time to have your systems update automatically.”
Companies and users are becoming more aware of the current security environment. The technology exists to keep users secure, but they need to be deployed. While noting this, Corey acknowledges that hackers can still penetrate many security systems. “It must be part of your DNA,” said Corey. “Once a hacker penetrates level A, it is imperative that your security team is able to halt the breach, so they can’t continue breaking through level B, and C.” Data security is even pushing rivals to more amicable relationships for the greater good, noted Sullivan.
The conversation finished with one of the biggest topics in the data industry right now, GDPR (General Data Protection Regulation). The GDPR is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). Sullivan and Corey explained how this will not only affect the EU, but the U.S., as well. “If you have a company in the U.S. and have one client that is located in the EU, you will be bound by the GDPR and must report a hack within three days to your users, once you become aware of it,” noted Sullivan. As many of you know, this would be a stark contrast to how some data breaches in the U.S. are handled. “At this time, we still don’t know all of the effects that this law will have, but it is coming,” noted Corey.
Many conference presentations have been made available by speakers at www.dbta.com/datasummit/2017/presentations.aspx