With high-profile data breaches occurring with alarming frequency, companies are looking for security solutions and paying top dollar to ensure their data is safe. This means that IT budgets are expanding, along with a cyber security market that is seeing more growth than ever. According to a recent article from VentureBeat, companies can no longer afford to take shortcuts with regard to their IT security concerns. Cyber threats are becoming more dangerous every year and businesses need to prepare for the worst if they want to keep their data safe from harm.
Capitalizing on vulnerabilities
Although security is not a new phenomenon in the IT industry, it has become significantly more important for firms in the past year. VentureBeat pointed to recent Target and Snapchat breaches which revealed the personal information of 70 million and 4.6 million individuals respectively. Companies have shown that they are placing more emphasis on security by boosting their budgets. While they spent $65 billion last year, analysts predict that number will be closer to $93 billion by 2016.
The news source explained that cybersecurity is catching up with computing, communications and storage as one of the main pillars of the high-tech industry, coming a long way from the 1990's when data breach concerns and consequences were at a minimum. More investors are also looking to hop on the cybersecurity bandwagon as $1.4 billion was funneled into 239 separate startups in 2013 with over 80 firms coming away with an average of ten times return on original investment via IPO or acquisitions.
Can companies find enough talent?
A major challenge that comes with a rapidly expanding market is the quest for professionals to fill the demanding positions that become available. A recent article from Economic Times cited a Cisco report that revealed a shortage of over 1 million cybersecurity professionals in 2013 as the result of heightened IT security concerns. The study showed that the overall threat of cyberattacks has grown consistently since 2000 and reached a new peak this past year.
"In 2013 there was an unprecedented growth of advanced attacks and malicious traffic that unfortunately reached historic levels," Cisco Leader Security Business Diwakar Dayal told the news source. "In India itself we are seeing a shortage of close to 400,000 cyber warriors as per CERT report in September last year. Over 1,000 times, the Indian government websites have been breached for past 3 years."
After such high incident rates in 2013, increased IT budgets are certainly warranted.
In 2013, big data initiatives acquired a lot of attention, though not all of it was in a positive light. Many organizations that were unfamiliar with the landscape were misled by false perceptions about the business intelligence, data warehousing and general management strategies that are required to make the most of big data. If businesses want to succeed with these programs in 2014, decision-makers will need to be careful to avoid the myths that plagued companies last year.
A recent Information Management report highlighted some of these misconceptions, noting that one of the largest challenges derived from big data's name itself. Specifically, many executives thought that the more digital resources they gathered, the better chance they had at acquiring a competitive advantage and optimizing performance. While there is a scrap of truth in this logic, it is largely unfounded and therefore irrelevant.
In truth, not all data is the same, which means that the-more-the-merrier reasoning doesn't really apply. Information Management noted that companies need to prioritize quality, not quantity. This means that organizations need proactive and innovative business intelligence strategies to ensure they only analyze resources that will provide some sort of return in the long run.
Big data is not an enterprise issue
In addition to the thought that large volumes create greater results, decision-makers also tended to believe that big data was really only applicable in the enterprise, Information Management reported. This is far from the truth, as organizations of all sizes and industries have the potential to develop business intelligence endeavors that allow teams to gather, manage and analyze new types of information to optimize operations on multiple levels within their firms.
A separate CompTIA report highlighted how companies of all sizes can benefit from launching big data initiatives, though many teams will need to develop a better strategy in 2014. Specifically, the study found that 8 percent of executives said they require better real-time analytics to convert meaningless information into useful insight.
"Data has always been important in the business world, but the big data trend has elevated its importance, pushing companies to be smarter in how they manage and use data," said Tim Herbert, vice president of research and market intelligence at CompTIA.
By understanding what organizations did wrong in 2013, decision-makers can build better big data, business intelligence and analytic projects in 2014 to give their teams an edge in the years to come.
RDX's business intelligence and big data experts assist customers in leveraging data contained in large data stores. For more information, please visit our Business Intelligence and Predictive Analytics pages or contact us.
Regardless of industry or specialty, businesses will always need a way to store company and customer data. As more decision-makers are opting to implement storage services rather than investing in traditional on-site server solutions, distinct markets are emerging that did not exist not too long ago. Database experts, for example, are becoming more important to the success of IT solutions across sectors. This means they are being given more responsibility to make sure that networks are properly integrated and remain functioning at a high level of productivity.
The role of the database administrator evolves
While administrators were once responsible for a handful of database implementation and maintenance services, the job description for these professionals has expanded as rapidly as the market itself. According to a recent article from Insurance Journal, business continuity and data recovery are two of the major IT security concerns that companies want to focus on in light of this past year's natural disaster and data breach incidents. Risk management firms take the reliability of company networks into account when making their evaluations.
"Businesses in the U.S. are discovering that supply chains are becoming increasingly complex in a globalized world. Any disruption - be it due to natural catastrophes, IT/telecommunication outages, transportation issues, a supplier's bankruptcy or civil unrest - may lead to a snowball effect that can be devastating to their bottom line," regional manager for Allianz Risk Consulting Tom Varney told the news source. "Business continuity planning is critical and should be part of any risk manager's supplier selection process."
Integrating data is a top priority
The rise of big data has led businesses to seek deeper meanings in streams of information that were previously thought irrelevant. As companies want to store and access more data on the fly to analyze trends and customer behavior, database support services are often called upon to design, implement and maintain the solutions that best fit a business's needs. According to a recent report from B Eye Network, virtualization is the best way to integrate data that is fast, secure and capable of large work loads.
The new era of data storage will make latency a thing of the past, said B Eye Network. The best virtualization solutions will take a set of distinct databases and put them on a network that allows workers to seamlessly retrieve and change data as if they were using on-premise servers.
For many consumers, the 2013 holiday season was darkened by a high-profile data breach that hit Minnesota-based retail giant Target. According to The Huffington Post, the company's December 19th announcement revealing that 40 million customers' information had been stolen was not accurate. The corporation has since revised its statement to account for an additional 30 million customers, bringing the total number of people with exposed data up to 70 million. Besides payment card numbers, Target customers had personal information such as home and email addresses, phone numbers and names stolen by cyber attackers who have yet to be identified by authorities.
Determining the nature and origin of the breaches
As with many IT security concerns, Target is struggling to determine the specifics of the attack. The Huffington Post noted that while law enforcement officials are not positive about the details of the breach, many experts have suspected crime syndicates in Eastern Europe to be responsible. The Secret Service and Department of Justice are both working to get to the bottom of the incident but chose not to offer a comment when addressed by the news source this past weekend. In addition to the highly publicized Target data breach, three smaller retailers were also reported to have fallen victim to similar cyber attacks. Details about these recent incidents have not yet been made public, but authorities speculate they may be linked to the Target attacks.
More companies fall victim to attacks
Neiman Marcus is another large retail chain that experienced a recent data breach resulting in compromised customer information. According to a recent report from Krebs On Security, the Texas-based department store suffered an attack around mid-December. Despite hiring the assistance of a third-party security firm, the company still has not uncovered any clues about the size, duration or cause of the cyber attack. Neiman Marcus released a statement addressing customers about the incident.
"On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers' cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security. The security of our customers' information is always a priority and we sincerely regret any inconvenience."
Consumers who used bank cards with either of these companies should review their bank statements to ensure that no fraudulent activity has occurred.
The space and power needed to implement and maintain a high-tech data center can be a strain on any business with a tight budget. A significant portion of these budgets are already dedicated to the upkeep of older technology that needs to be looked after by specialized professionals and updated constantly to keep IT security concerns at bay. In addition, companies are always looking for more square footage to expand their physical presence and boost the effectiveness of cloud storage solutions.
Businesses need more space to house their IT equipment hubs
Real estate markets devoted to providing space to host IT equipment are expanding rapidly, according to a recent report from DataCenter Knowledge. Year-end results from Avison Young showed that the total leasing volume for wholesale data center suites increased 25 percent from 2012 to 2013, primarily due to increased demand from social media companies and businesses looking to build their cloud capabilities.
DataCenter Knowledge mentioned that demand for quality hosting space is pushing real estate deals out of traditional hubs in Virginia, Dallas and Silicon Valley. In the past year, deals exceeding 2 megawatts were closed in locations such as Sacramento, Atlanta, Denver, San Antonio and Houston. Twitter committed to a lease of 25 megawatts of data space, while Microsoft also expanded its operations by 17 megawatts over the course of three separate deals.
The amount of natural resources required to maintain databases increases
Companies often underestimate the sheer quantity of energy it takes to keep a database running efficiently and effectively. A recent report from DataCenter Dynamics revealed that a new NSA data center in Maryland uses up to 5 million gallons of water every day to cool its expansive collection of servers. In addition, the organization has facilities in Colorado that take up over 1 million square feet and require an extra 3 million gallons a day to keep cool. Businesses need to take these numbers into account so that they don't fall victim to paying more than they bargained for when signing leases.
While these numbers are certainly daunting, are organizations such as the NSA using water effectively? DataCenter Dynamics brought up Green Grid's Water Usage Effectiveness Metric (WUE) that helps determine whether this valuable resource is being maximally utilized. Both Facebook and eBay showed better WUE rates than the NSA, so the government may have to revise the way it cools its many data storage centers.
Bring-your-own-device policies are becoming more common as companies realize the importance of remote database access and mobile business applications. With more employees utilizing smartphone and tablet platforms, the IT market is shifting its focus to providing mobile solutions optimized to work with company networks and security measures. BYOD can deliver many benefits for both businesses and employees, but what should companies do to make sure they are maximizing the efficiency and safety of their remote access practices?
Understanding the good and bad of BYOD
It is no secret that BYOD is on the rise, but IT departments need to know the ups and downs that come with embracing the mobile platform as a tool for data flow and productivity. Microsoft recently cited a Gartner study revealing that 88 percent of executives say their employees use personal computing technologies for business purposes in and out of the office. Fewer executives reported having company-specific BYOD technology, with 62 percent of survey respondents claiming they have adopted customized platforms or plan to in the near future.
While many companies are hopping on the BYOD bandwagon, Microsoft urged organizations to educate themselves and their employees on the potential pitfalls of these solutions.
"The BYOD trend offers numerous benefits to users, including reduced costs, and the ability for enterprise workers to work with their preferred technology," Don Morrison, Director of U.S. Anti-Piracy for Microsoft stated in the release. "That said, BYOD does blur the lines between enterprise and personal computing, and can create security risks for businesses and the workers, so it's important to have best practices in place."
The best practices for phones, PCs and tablets
Microsoft suggested that IT strategists focus on implementing well-established BYOD services from reputable providers as a first step in mitigating risk. Employees should also be extra cautious when lending their devices to others. Even if remote access requires a password, sensitive company information still might be left over on a hard drive.
Phones present the biggest IT security concerns for companies offering BYOD solutions, according to LifeHacker. The articled noted that Gartner found PC sales to have dropped in favor of tablets, while smartphones still reign supreme and sell more every year. Between the three devices, however, remote solutions are an industry force to be reckoned with, as they are predicted to sell a combined 268 million units in 2015.
IT security concerns regarding the use of mobile platforms to access sensitive company information are being prioritized by companies around the world. Human Resources Journal recently explored a Cisco study revealing that 95 percent of executives in a 600-business survey allow workers to access company data and use business applications on their smartphones, tablets and laptops. Despite the vast majority of organizations adopting BYOD policies, network security has encountered difficulties in trying to keep up with the mobile revolution.
Companies weigh risks and rewards of BYOD implementation
Human Resources Journal explained the dilemma of business leaders who seek to increase productivity by letting employees work using their personal technology. The Cisco study showed that BYOD has brought an extra $300 to $1,300 annually to companies that opt for it, although IT expenditures are up 20 percent in the past few years as a result of mobile implementations. Decision-makers need to be aware of the differences between the varieties of smartphone, tablet and laptop use when it comes to mobilizing work forces.
"It's one thing to just let an employee-owned device on the [corporate Wi-Fi] network [for browsing or social networking] and not allow access to enterprise applications, and that penetration is pretty high," IDC analyst Rohit Mehra said in a statement for the report. "But the real proof in the pudding is how many users have true enterprise application access with their devices, and those numbers are still relatively low."
Taking preemptive action is key for networks utilizing BYOD
Instead of sticking with the same security measures used for internal networks, companies need to reconfigure their strategies to accomodate the new wave of mobile data and application use. According to a recent article from SC Magazine, smartphones are the primary targets for malicious software that attempts to steal private information belonging to individuals or corporations. New malware known as the 'XXXX' botnet has already been found on 23,856 smartphones and may have affected many more without user knowledge.
While the program was designed to gather information rather than utilize it for criminal purposes, sensitive company data should never have to be compromised. Businesses that implement loose BYOD security policies may fall victim to software similar to XXXX that could end up selling private data and customer information. Comprehensive database security measures are necessary for any company making changes to accommodate mobile platforms.
IT departments are given the unique challenge of anticipating infrastructure problems and network security issues before they occur. While many decision-makers choose to implement industry standard "best-practice" solutions to address IT security concerns, many businesses remain oblivious to the importance of real-time security assessments to uncover weak links in company networks and information databases.
What should business leaders be asking about their IT practices?
A recent article from Information Week warned IT leaders to avoid "if it ain't broke, don't fix it" mentalities when it comes to the security of vital company data. Applications and security measures can quickly become outdated, and the fact that a network has not yet experienced a data breach does not mean threats are nonexistent. The IT department is responsible for the technical efficiency and productivity of an entire company and should be actively seeking new methods to increase the effectiveness of applications and tighten security measures.
Because each organization is distinct in its structure, goals and philosophy, there really is no such thing as universal "best-practices." Information Week emphasized the role of IT strategists as the key players in the technological advancement of a company, bridging gaps between departments, partners and clients. By remaining satisfied with antiquated infrastructure and security, businesses are not only missing the opportunity to make effective changes, but likely devoting too many resources to the maintenance of systems that no longer function optimally.
Safe flow of data needs to be a top priority
With this in mind, decision-makers should not throw all of their current hardware and application suites out the window simply for the sake of bringing in the new. CSO recently urged business leaders to thoroughly assess their companies' strengths and weaknesses to find out which practices are working better than others. An effective first step in this process is for executives to determine what data is the most important to their business operations and prioritize the storage, accessibility and security of that information.
CSO also stressed the importance of positive employee and client engagement as a preemptive security measure. Cyber threats invariably occur due to malicious intent of an individual or group looking to damage or steal from a company. By keeping open channels of communication with clients and personnel, feedback will become available and more easily implemented into future IT strategies.
Companies tend to overlook the fact that stolen data and other vital information can be the result of malicious behavior on the part of their own employees. These IT security concerns may be a rude awakening to businesses that keep loose network policies for workers' convenience, but the reality is that businesses can never be too careful in their efforts to protect sensitive data. Even if an employee seems trustworthy during his or her time at an organization, allegiances can quickly shift when a new, more lucrative opportunity arises.
Every business would rather be safe than sorry
Because it is so difficult to monitor the behavior of workers without strict security policies, many companies fail to properly supervise their employees' use of data and which files they access. A recent article from Dark Reading explored a Stroz Friedberg study revealing the overwhelmingly lax state of network security with regard to databases and applications.
Around 90 percent of employees surveyed said that they use personal email addresses and public cloud networks to handle work-related material, while 58 percent revealed that they accidentally sent sensitive company information to the wrong recipient. Some individuals surveyed openly admitted to sending similar information to others at will. These are numbers that should not be tolerated by any IT security strategists, let alone business executives.
"Our inaugural information security survey demonstrates that companies need to address high-risk security behaviors within the workplace at all levels with a proactive risk mitigation plan," Michael Patsalos-Fox, CEO of Stroz Friedberg, stated in the report.
Threats exist from the bottom to the top
Low-level employees are too often subjected to scrutiny by C-suite executives looking to mitigate insider threats, but the Stroz Friedberg report showed that more than half of senior managers said they had brought sensitive company resources with them to their next job. Only 20 percent of lower-level workers made the same claim.
Bank Info Security recently provided business leaders with a series of suggestions to help reduce the ever-increasing risk of insider threat. In light of this past year's developments at the National Security Agency, the article urged IT departments to steer clear of government contracts when partnering up to run background checks on employees. Examinations cannot be thorough enough. Although workers may be bothered by exhaustive amounts of monitoring, companies will be thankful for these policies down the line.
There is no denying the great potential that cloud services represents for financial institutions. Banks and other service-based companies constantly handle heavy flows of data. Many smaller organizations are under pressure to meet growing expectations to efficiently store and utilize relevant information. Cloud solutions are easy to use, cheap to maintain and can be quickly implemented by database administration experts. With this in mind, what is keeping so many finance firms from embracing the trend that is changing the face of the enterprise IT industry?
Banks are skeptical of cloud security and control over data
A main source of concern for financial organizations when it comes to adopting cloud services is the security and maintenance of company and client information. By outsourcing data solutions many banks feel that they run a higher risk of falling victim to a cyber attack or fraudulent employee schemes. According to Computer Weekly, these IT security concerns are certainly warranted but financiers are not putting enough trust in the protection that modern cloud services have developed.
Comprehensive legal regulations represent a major benchmark for cloud adoption in the financial sector. Currently, laws applicable to outsourcing are the same ones used in regulating cloud service payment plans and implementations. Computer Weekly stated that banks are looking for tighter legal parameters to be established before they take their data and applications to the cloud. Kemp Little commercial technology partner Paul Hinton explained the tentative attitude that banks appear to express toward cloud services.
"These are potential loss of control, availability and access to data, data security, data location, auditing and exits," Hinton told the news source. "There are a lot of efforts to create [legal] standards and hopefully we will have them soon. This is good, but they are not here now and may not be for a while."
How safe is it to adopt cloud services?
While major cloud data breaches are few and far between, there have certainly been some high-profile cases in recent memory. According to The Australian, industry leaders are trying their best to put these worries to rest. Maryland-based IT security firm SafeNet claimed that it protected over $1 trillion in transactions this past year without a hitch. Banks willing to take a leap of faith with the current state of cloud solutions sign up for a high-risk, high-reward situation.
As the enterprise software industry moves away from traditional methods of storage, cloud solutions have revolutionized the way that companies approach database administration. IT giant Oracle continues to post impressive numbers as market demand for cloud storage and applications increases. The corporation's second quarter revenue of $9.28 outpaced analysts' predictions of $9.18 billion, climbing 2 percent from the previous quarter, according to Bloomberg.
Over the past ten years, Oracle CEO Larry Ellison has bought over 100 companies at a total cost of $50 billion in order to remain a powerful force in the world of database software solutions. Staying ahead of times has allowed the company to thrive in a highly competitive and fast-moving industry. In addition to offering cloud storage and applications, Oracle also entered the hardware market after acquiring Sun Microsystems in 2010. While their computer servers have produced consistent revenue, Bloomberg noted that hardware sales did not see a significant boost in the second quarter.
Offering every cloud implementation imaginable
The storage and application needs of companies are highly diverse, and part of Oracle's success is due to this acknowledgement. By accounting for a wide variety of cloud requirements, the company has attracted business from firms across industries and around the world. A recent Forbes article highlighted the ways that Oracle has excelled in providing systems, applications and everything in between.
"We think these three product areas – database, cloud applications [bookings up 35 percent], and engineered systems [bookings up almost 35 percent] – will drive Oracle's growth in calendar 2014," Ellison told the news source. He proceeded to elaborate on his strategies. "We'll continue to expand our footprint… Oracle's Fusion cloud applications for HCM, CRM and ERP all have a new simplified user interface, and an integrated social network that makes our enterprise applications as easy-to-use and familiar as Facebook, while enabling better collaboration and teamwork among your employees and your customers.
Setting goals and targeting competition
Between Microsoft and Amazon, Oracle knows that it is up against resilient competitors. IBM and SAP also pose a threat to their hardware and application lines. By continuing to expand on the legacy systems of Sun Microsystems and perfecting the cross-platform integration of their database solutions, the company is confident in its ability to beat out these other industry leaders. At the rate the company is growing, this might be a reality in the near future.
Database quality is no longer a concern exclusive to private enterprise. Any industry requiring efficient data storage and accessibility can benefit from database management services, and health care is the latest to hop on the IT bandwagon. A recent article from Information Week explored a Markets and Markets report predicting that the North American health IT (HIT) market will reach a total value of $31.3 billion in 2017, rising from $21.9 billion in 2012. This equates to a 7.4 percent annual compounded growth rate, three quarters of which is driven by U.S. HIT revenue.
What is driving the HIT industry to new heights?
The healthcare industry has long been dominated by paper-based methods that now seem outdated and wasteful. Now that the market is responding to the demand for HIT products and services, the health sector will soon have access to innovative technology that rivals the best in private enterprise. Information Week noted a variety of advancements expected to change the face of HIT in years to come. Among the most promising are clinical information systems, picture archive communications systems and computerized physician order entry systems.
Information Week cited additional factors that will play into the expansion of the HIT industry such as an increase in chronic disease, an aging North American population and the financial backing of American and Canadian governments. With a bevy of new payment and storage options available to healthcare professionals, electronic health records (EHR) are also predicted to fade away as outsourced data and cloud solutions become the norm.
HIT will benefit large medical centers and private practices alike
The future of health IT is not only for major hospitals and universities. According to a recent AAFP report, HIT is providing key tools for neighborhood practices and family physicians across the country. As the concept of the patient-centered medical home became a reality in 2013, HIT played a major role in connecting patients, doctors and larger institutions to coordinate the most effective methods of treatment and support.
Besides offering open channels of communication and a wider variety of medical resources, HIT is also a key factor in the way physicians are approaching billing, payment and staffing concerns. With healthcare regulations constantly in flux, having a central system to track and distribute doctors' working hours and time on-call is a big benefit. HIT is another example of an increasingly interconnected, digital world.
Cloud storage solutions take many forms, and business can be easily overwhelmed by the variety of options available. Times have changed since companies were only able to store their data using on-site servers and private networks. Advancements in Storage-as-a-Service and Infrastructure-as-a-Service solutions have lightened the burden of heavy data storage and saved companies up the schedules of many in-house IT professionals.
Irrelevant data drags down business operations
With increasingly complex analytics available to companies every day, it is a constant challenge to deal with an abundance of information while trying to pinpoint what data can actually be useful. Enterprise Storage Forum suggested that hybrid cloud solutions might be the answer to these common storage problems. By utilizing both on-premise applications and cloud storage, companies can store and access relevant files without wasting excess resources on holding outdated information.
Although IT departments are already experimenting with multiple cloud implementations both private and public, hybrid cloud solutions are unique in that they are offered in Database-as-a-Service form instead of in isolated parts. The advantage of this model is that businesses can save money and time by avoiding the compatibility problems and IT security concerns that can arise with integrating disparate services. Enterprise Storage Forum also noted that hybrid cloud solutions are much more easily implemented and feature better scalability options for business that need to remain agile.
Private clouds remain a viable, secure option
While industry speculation suggests that the market will soon abandon private cloud storage solutions for public and hybrid options, there is still a large share devoted to serving companies that want to retain complete control of their analytics and customer information. Search Cloud Storage recently interviewed Storage Switzerland founder George Crump, who shared his thoughts on the ways businesses will be utilizing what the cloud has to offer.
"For the IT managers I interface with, they're still in a large part in the investigative mode," Crump told the news source. "I always tell people that when I get bored talking about, it's about the time users are ready to start implementing. Backup and archive are clearly the number one and two that we're seeing. And I do think the SharePoint and email via Exchange and others will probably be the next big ones."
Whether on-premise, off-premise or a combination of both, the cloud is living up to its high expectations. Business leaders should expect cloud solutions to saturate more aspects of their operations as 2014 presses on.
While cloud solutions were originally reserved for private enterprise implementations, more businesses are utilizing public and hybrid cloud models to suit their database needs. Maintaining exclusively private cloud deployments is no longer a viable option. This gradual shift from private to public cloud options is gaining steam as 2014 rolls along, according to a recent report from InfoWorld.
What are the advantages of a public cloud?
Businesses once thought that private cloud deployments meant greater control and agility to access their own data and customer information. IT security concerns also prevented companies from taking to the public cloud. However, InfoWorld revealed that these ideas are quickly becoming outdated as public cloud options start to offer faster, cheaper and often more secure data storage solutions.
InfoWorld cited Amazon Web Services (AWS), Google and Microsoft as primary examples of public cloud service providers, with AWS leading the way. In fact, Amazon and Google only offer public cloud solutions while Microsoft still provides both. While many companies are making the switch over to public cloud, most are keeping some private and combining services in a hybrid model.
Although industry leaders are pushing data solutions into the public sphere, private cloud solutions will likely never disappear from the market entirely. InfoWorld noted that this portion of the IT industry is still expanding and doing better than ever. Still, their prediction that the public cloud will take the lead in the coming years is echoed in the IT decisions of many businesses.
Public cloud conveniences do not come without some disadvantages
Even thought the benefits of a public cloud are clear for businesses, many users are raising eyebrows at the trend to shift away from private database solutions. According to a recent article from The Advocate, social media application SnapChat experienced a cyber attack in which 4.6 million usernames and phone numbers were stolen and published in the public domain. The service, which is a public cloud, knew the risks associated with its data storage methods but chose to ignore them.
Other social media networks such as Facebook and Google Plus are public clouds as well. The Advocate explained that these services take advantage of personal information by selling it to advertisers and other online marketers.
"A public cloud is where very large infrastructure is being used to provide the service from any location, so you don't know where the clouds are," Stan Kaine, CEO of information technology company Point Duty, told the news source. "If those things are a concern to you, then do your own research."
It is a constant challenge for businesses to address all of their IT security concerns. Even if a company network is secure, there is always a chance that a database has already been hacked, according to a recent report from Forbes. The FBI notifies several hundred companies and organizations every year to inform them that they have been the victims of cybercrimes or other intrusions.
Forbes stated that most of these companies were unaware that there had been a breach of any kind, a problem that the news source attributed to a lack of knowledge on the part of company CEOs. When upper management knows the details of their security strategy, businesses can defend themselves against attacks proactively and know exactly when something has gone wrong.
Every attack happens for a reason
Hackers rarely attempt to stage a cyber attack without a compelling reason. Forbes listed the examples of why organizations might be targeted by an attacker. Other organizations might be after technology or competing companies might want to steal money and customer information. There is also the possibility of a data breach by a foreign government or a destructive attack from an activist organization.
According to a recent article from The Next Web, a relatively new industry buzzword has arisen in light of growing pressure for companies to increase their security: Advanced Persistent Threat (APT). With large amounts of assets and intellectual property at stake, organizations need to be extra cautious of attacks that involve remote control software designed to grant hackers continuous access to a company network or database.
The Next Web explained that traditional form of security such as firewalls and intrusion prevention systems are ineffective against APTs, and that companies need to find new ways of defending themselves in years to come.
Businesses have more choices for data storage than ever before, and with many platforms operating within an organization comes a new host of IT security concerns. According to the Economic Times, the recent wave of new database management solutions is changing the way organizations approach their security strategies. The report cited McAfee as naming data center security as a top priority for modern businesses.
"Resultantly, they will face the reality of securing data that moves between server, storage and networking resources (physical and virtual) of next-generation data centres," McAfee said in its report. "BYOD needs to be looked at from different dimensions, like data loss prevention, network access control, internal intrusion prevention systems, authentication system, internal firewalls, securing Wi-Fi, etc."
BYOD remains a security concern for many organizations trying to transition to mobile platforms. The Economic Times mentioned that while many businesses will want a single security solution for these issues, it is very unlikely. With a predicted 50 billion IP-connected devices by 2020 (an increase from 1 billion in 2012), companies should start reconsidering the ways they address their IT security,
New threats require new security solutions
Because business are used to relying on stand-alone security features to protect their databases, many of the systems in place are not adequate for combating threats that arise from the use of mobile platforms. Since cloud-based solutions are also becoming an industry standard, businesses need to take the concern of remote database security into account.
According to a recent report from InformationWeek, the cloud represents just as large of a vulnerability as mobile devices in the next generation of database security. Because both of these advancement signal movements away from isolated, physical devices, corporate networks need to take them into equal consideration when preparing their strategies of defense. Weaknesses resulting from this shift are often overlooked and need to be addressed sooner than later.
InformationWeek provided advice to organizations looking to preemptively address forthcoming attacks from hackers, organized crime and state-sponsored initiatives that will surely attempt to exploit the vulnerabilities of these remote solutions. Businesses were recommended to start by classifying their data, categorizing by confidential, public, client and employee personal information to make sure each type is secured according to mandated government or industry compliance. Developing strong contractual agreements with companies providing any outsourced services is also essential.
Private enterprise is not the only sector demanding database administration services. Now that cloud-based software suites are becoming a mainstream feature within most organizations, nonprofit associations are realizing that they can also benefit from these systems. According to a recent article from Huffington Post, it might be easier and cheaper than board members think.
Nonprofits are often strapped for cash, but while the initial integration of cloud services might be pricey, the long term returns on investment appear to be well worth it. Huffington Post noted that cloud solutions have come a long way in 10 years, advancing from a fragmented array of stand-alone services to fully integrated, streamlined software suites that can be tailored to the exact specifications of a given organization.
How can nonprofits benefit from these services?
The applications of cloud-based technology are obvious for business leaders but may not be so apparent when crossing over to the nonprofit sector. A recent report from ERP Cloud News explained how subscription software services can be especially helpful for nonprofit organizations. Not only can membership management software help associations plan for upcoming events and nominate team leaders, it makes it easier to keep track of resources, volunteers and contributors.
When nonprofit groupsmove to the cloud they also get a peek into the world of big data, allowing them to view metrics and gain insight into the details of how they are performing. Having the ability to view this information remotely via mobile and tablet platforms will also be key for organizations that operate in the field rather more than an office. ERP Cloud News mentioned that implementing these new solutions may take time and extra cooperation on the part of staff and volunteers, but the end results will pay off for everyone.
The concept of the cloud is no longer new, but business leaders are still trying to understand the nuances that make cloud implementation distinct from traditional IT infrastructure. Despite some skepticism and uncertainty regarding IT security concerns, businesses' trust in the cloud has gradually increased over the past year or so, according to a ComputerWorld blog.
The U.S. federal government led the way in the cloud revolution, setting a precedent for businesses to follow. Even though there seems to be general agreement that cloud solutions are the best way to store and access data, ComputerWorld detailed important criteria for businesses to use when assessing their cloud services of choice.
Assessing the effectiveness of cloud services
Now that cloud immersion is imminent, companies need to determine what cloud strategies best fit their business needs. ComputerWorld emphasized that when deciding between on-premise or off-premise cloud storage, performance, control and cost are the three main factors that should be considered.
Assessing cloud storage performance is critical, especially when going off-premise. ComputerWorld warned businesses using these outsourced solutions that rates of data transmission are not the same as those found in on-premise databases. Not only could this add up to cost more in the long run, but customers looking to access data may be dissatisfied by sluggish performance.
Pricing plans and security maintenance can cause headaches
With so many companies switching over to cloud-based solutions, IT professionals should not expect to catch a break anytime soon. ComputerWorld noted that even though businesses are transferring control of their storage to an off-premise location, there is always the chance of cloud security breaches exposing data to cybercriminals and state-sponsored attacks. Proper database administration is essential when making the transition to off-premise solutions.
Cloud pricing is also not an easy thing to grasp for a company first exposed to the storage-as-a-service (SaaS) model. A recent report from CIO Insight revealed that executives are finding it difficult to adapt to the new methods of pricing used for cloud-based services.
"Cloud has long been thought as analogous to electricity, allowing consumers to 'plug-in' and consume IT resources, paying only for what they need," Owen Rogers, cloud economist at 451 Research told the news source. "Unfortunately, the IaaS market is far, far away from being a utility, and there is a confusing array of pricing methods, chargeable line items, metrics and pre-configured bundles."
As with any major industry shift, it will take time for businesses to get used to assessing and pricing quality cloud solutions.
A breach can be the biggest of IT security concerns for a large company or organization housing large stores of data, especially when much of that information belongs to customers. If that customer information is financial or highly personal, an organization might have a lot more problems on their hands. For California's Cottage Health System, this is exactly what happened when they began notifying 32,755 patients that their data may have been exposed, according to eSecurity Planet.
After a third-party vendor made the mistake of removing electronic security measures from one of the health service provider's servers, much of the organization's data was made vulnerable. Cottage Health System did not realize this until they received a message that their one of their customer's private records were available in the public domain, easily found on Google. Among the personal information exposed were names, addresses, birthdays, diagnoses and lab results from procedures performed at nearby California Hospitals. While no financial information was leaked, these personal details were very private.
Retail stores also targeted by cybercriminals
While private medical information is certainly sensitive material that shouldn't be exposed, letting financial details loose can be even more detrimental for a company. Department store giant Target recently fell victim to a large data breach resulting in a possible 40 million customers' payment card information being stolen by attackers, according to Network World. The company said that any purchases made on a payment card between November 27 to December 15 could have been compromised in this breach.
"We began investigating the incident as soon as we learned of it," explained Target in a statement. "We have determined that the information involved in this incident included customer name, credit or debit card number, and the card's expiration data and CW (the three-digit security code). "You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports."
Shaken consumer confidence is never a good sign for companies. Target offered an open customer support call line to provide assistance to anyone who saw unusual activity on their statements or received calls from their banks. Although many customers ended up safe from the fraud, exposed information can always be used by attackers in the future. Whether it is credit, debit or health insurance cards, customers should always be cautious when swiping.
With more businesses opting for private cloud software solutions, skepticism about implementing the new technology is dissipating across industries. According to a recent report from Information Week, private cloud solutions are being adopted at a rapid rate with the percentage of enterprises running functioning cloud services rising from 21 percent to 47 percent in the past year. With more than twice the number of companies opting for these strategies, analysts are predicting that private clouds will soon be a universal standard for any business handling large amounts of data.
InformationWeek noted that the transition from in-house database management to private cloud based approaches was a relatively quick one, especially for an industry that typically takes its time to test and scrutinize new options. The news source's Private Cloud Survey saw that it took about two years for double the amount of organizations to adopt cloud based solutions, pushed along by the steady growth of new operating systems and database management services.
The ever-expanding cloud gets even bigger
A big part of the rapid adoption of cloud services is the wide range of options that enterprises have to choose from, allowing businesses to pick the best fit for their database management needs. Among the major contenders noted by InformationWeek were OpenStack, CloudStack and VMware's vSphere. With plenty of choices, why are some companies holding back from moving to the cloud? Most survey respondents stated that they don't need it or that it did not fit their business model. These companies might not realize the cost benefits of making the transition.
Some businesses avoiding the cloud hype might be warranted in their wariness, but problems will come up for IT managers regardless of their preferred tech solutions. According to an infographic from Cloud Tweaks based on information from Axcient, database IT issues are keeping many tech employees from enjoying their time off. Seventy two percent of vacationing IT professionals have had their private time interrupted by technology problems coming up in the office, mainly concerning network connectivity and server crashes. Security breaches and network downtime were some other problems that ruined vacations, and some were even called into work for issues resulting from natural disasters.
IT workers are not the only ones who suffer the consequences of these tech problems. Downtime cost companies an average of $163,674 per hour last year, affecting productivity and sometimes damaging the reputation of a business.