Data is powerful until a breach costs you millions

by Patrick Elliott, ANZ Regional Vice President at Anaplan

Credit: Illustration 98297437 © Aleutie - Dreamstime.com

Data is pretty powerful: it can help uncover trends for more insightful business decisions, improve customer satisfaction and service, calculate the perfect dating site profile, and be weaponised by people with ill intentions.

With all of the good that data brings, such as life-saving healthcare initiatives, data can also bring a world of hurt. Businesses that operate with vulnerable IT systems can inadvertently expose customers to credit card or identity theft and, in extreme cases, can even influence an election.

It comes as no surprise, then, that data breaches are extremely costly. Organisations that fall victim to an attack can end up spending millions of dollars to rectify the breach. And some damage — brand reputation, loss of trust and customers — might never fully recoup.

The good news is that innovations in cloud-based planning technology can help businesses secure data, protecting it against unauthorised access. For businesses that need an even higher standard of protection, such as those in the financial services industry, advancements in technology can even provide additional layers that further encrypt sensitive data.

Here are four questions to ask your cloud provider about its data security safeguards, as well as the benefits of bring your own key (BYOK) solutions for businesses that need even higher standards of protection.

Security features that cloud providers need to have

As cyber criminals evolve, leading technology vendors need to re-evaluate and innovate with how they approach data management. With a wide range of cloud service options to choose from, customers should make data security a key part of any conversation.

By discussing data security up front in the selection process, customers can feel confident that their data will be protected through up-to-date security measures. The following four questions are a great starting point for talking through safeguards that ensure greater protection against data threats.

  • What types of security measures does the provider take to safeguard customer data?
  • Does the provider use end-to-end, or “defence in depth”, techniques that provide a multi-layer approach to protection?
  • Does the provider run consistent third-party penetration tests and comply with standards such as ISO or SOC certifications?
  • Are there multiple authentication options available to control authentication without a need to physically store passwords?

Defence in depth security, in particular, addresses diverse types of cyberattacks by implementing various defences at each layer of an application. Following a best-practice defence in depth security model is critical when protecting data across any ecosystem.

This reflects the “deterrence, detection, and response” strategy of data protection.

Securing sensitive data with a cloud-based encryption solution

Recently, bring your own key (BYOK) solutions have been introduced into enterprise planning to provide businesses with an additional layer of managing and controlling their data.

BYOK is designed to protect against attack vectors focused on data at rest, as well as preventing intrusion by those with back-end access to systems. It delivers strong encryption at the data level, and it augments layers of security that protect software and hardware.

Additionally, they can provide the following benefits to customers:

  • Prevent provider access to company data
  • Encrypting, auditing, and protecting data at the workspace level so proprietary data can be incorporated into planning and forecasting
  • Enabling customers to easily develop solutions for government regulation and compliance by avoiding complex third-party integrations to reach acceptable security levels
  • Give the right users with access to the right data while ensuring individual privacy protection
  • Reduced set-up and maintenance costs of additional security infrastructure
  • A hosted security solution that doesn’t require any on-premises hardware

Maintaining an open dialogue with current and prospective providers around data security remains a critical opportunity for today’s businesses, and it helps keep the best interest of consumers top-of-mind.

Businesses that leverage cloud-based data security technology can ward off cyber threats with a greater peace of mid.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags data securityIT systemstwo-factor authenticationMulti-factor authenticationBYOK

More about EnablingISO

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Patrick Elliott

Latest Videos

More videos

Blog Posts