Few months back, we witnessed a global level, large scale Data attacks, commonly referred to as “Ransomware”. A coordinated attack on select and widespread systems with vital data, encrypting its content and demanding Ransom to let data owners & users regain the data control back. In one way, it was a jolt to advocates of Digital transformation on the need to have a re-look at our security benchmarks. At the same time, it was also an awakening to technology designers and implementers to give much needed attention to our security policies.
Digital Transformation is the 4th Industrial revolution, simply put. The first 3 transformation waves – Mechanical, Electrical and Electronics were more focused on Automation, reducing manual efforts and increasing productivity & efficiency. The latest wave is more to do with eradication of manual processes, high level of Smartness and Intelligence – mainly Artificial and induced. If security is not a fool-proof given, this will not give any confidence to users and adopters to use and get benefits. Hence it is important to understand security loops and how we can fix them, making this whole transformation an experience.
If we look at areas of concern as far security for Digital Transformation, it boils down to 3 critical levels:
- Data Security: Data is the key – anything and everything we are doing with Digital enablement of systems, processes and people, has to do much with how we can get and use data in real time and with effective benefit. When it comes to security of Data or information, we need to build the same inherent in overall design. Any information passing from one device to another (say from Sensor to Gateway or to Server) can be encrypted using effective tools so as to prevent any loss in case of pilferage. WhatsApp’s end to end encryption is a great example of how we can build such data transport systems to ensure highest level of security.
- Network Security: Lot of work and efforts have been put in here to ensure we have perimeter protection for our networks. Enough tools, applications and appliances have flooded the market ensuring network protection. However with advent of open networks, virtual networks and Cloud, the perimeter concept has diminished to a large extent. We now see concepts like Internet Separation gaining speed where public users (say Govt departments) need to have different network, physically separated, one for internal use (Intranet) and another for external use (Internet). Though this means increase in costs for overall IT operations, it goes a long way thwarting such attacks what was witnessed last 2 weeks.
- Device Security: Mobility has made the concept of location-bound a farce. With the advent of IoT (Internet of things) where millions of devices are now able to communicate, transfer and talk to each other with built in AI (Artificial Intelligence) processes, it is more important to also have a device level security built into the design of each device. Smartphones have now reached a stage where multi-level security is a basic requirement which enables high degree of security for the device as well for the content. Even if I lose my phone, someone needs my unlock password to open it. Even if someone does that, to see my mails, another authentication (fingerprint, Retina or mere numeric number) is required. Also with MDM (Mobile Device Management), we have made it possible for us to remotely destroy and erase all my data on my lost phone.
DATA SECURITY CHALLENGES : With Digital India, Smart Cities and Citizen e-Services becoming our mark of transformation of our govt and public processes for the best of all of us, it is very timely we re-look at our Security aspects also. Our focus on Digital transformation has to be both on enabling a seamless experience and a secure Information flow.
It is quite critical for us to ensure Data hosting and localization is thought about in detail. A serious approach to Data Security is absolute necessary, thus making it very very important to pick your data hosting partner carefully. Just having Perimeter and Device access security may not be enough. With data being generated round the clock, on devices which are everywhere, it is not so simple to ensure security. With new technology concepts like On-the-go security, Data-in-Motion security and Data-everywhere security, our hosting needs for data, whether On-Prem or In-Cloud, needs a strategic approach.
Data Samudra, India’s first On-Demand & On-Requirement Flexible Data Centre offers a very unique approach to this challenge : Data-Residency as a Service (DRaaS). Storing data with fool proof security, encrypted keys and a tight controlled access are basics of DRaaS. Offering compliance to multiple laws like Data Protection, GDPR and Health Security, DRaaS provides a peace of mind for end users and their intermediaries. Data Samudra, located in one of the largest IT parks in Bangalore, has a very flexible yet secure approach to Data Security.
Data Samudra is a subsidiary of Teleindia Networks India Pvt Ltd, a Telecom services company with global operations, based at Bangalore. Teleindia has partnered with Merkado RHA Technologies Pvt Ltd, the Digital Transformation boutique firm, as its Global GTM partner.
For more information and data hosting needs, please reach out to firstname.lastname@example.org.