Regardless of industry or specialty, businesses will always need a way to store company and customer data. As more decision-makers are opting to implement storage services rather than investing in traditional on-site server solutions, distinct markets are emerging that did not exist not too long ago. Database experts, for example, are becoming more important to the success of IT solutions across sectors. This means they are being given more responsibility to make sure that networks are properly integrated and remain functioning at a high level of productivity.
The role of the database administrator evolves
While administrators were once responsible for a handful of database implementation and maintenance services, the job description for these professionals has expanded as rapidly as the market itself. According to a recent article from Insurance Journal, business continuity and data recovery are two of the major IT security concerns that companies want to focus on in light of this past year's natural disaster and data breach incidents. Risk management firms take the reliability of company networks into account when making their evaluations.
"Businesses in the U.S. are discovering that supply chains are becoming increasingly complex in a globalized world. Any disruption - be it due to natural catastrophes, IT/telecommunication outages, transportation issues, a supplier's bankruptcy or civil unrest - may lead to a snowball effect that can be devastating to their bottom line," regional manager for Allianz Risk Consulting Tom Varney told the news source. "Business continuity planning is critical and should be part of any risk manager's supplier selection process."
Integrating data is a top priority
The rise of big data has led businesses to seek deeper meanings in streams of information that were previously thought irrelevant. As companies want to store and access more data on the fly to analyze trends and customer behavior, database support services are often called upon to design, implement and maintain the solutions that best fit a business's needs. According to a recent report from B Eye Network, virtualization is the best way to integrate data that is fast, secure and capable of large work loads.
The new era of data storage will make latency a thing of the past, said B Eye Network. The best virtualization solutions will take a set of distinct databases and put them on a network that allows workers to seamlessly retrieve and change data as if they were using on-premise servers.
For many consumers, the 2013 holiday season was darkened by a high-profile data breach that hit Minnesota-based retail giant Target. According to The Huffington Post, the company's December 19th announcement revealing that 40 million customers' information had been stolen was not accurate. The corporation has since revised its statement to account for an additional 30 million customers, bringing the total number of people with exposed data up to 70 million. Besides payment card numbers, Target customers had personal information such as home and email addresses, phone numbers and names stolen by cyber attackers who have yet to be identified by authorities.
Determining the nature and origin of the breaches
As with many IT security concerns, Target is struggling to determine the specifics of the attack. The Huffington Post noted that while law enforcement officials are not positive about the details of the breach, many experts have suspected crime syndicates in Eastern Europe to be responsible. The Secret Service and Department of Justice are both working to get to the bottom of the incident but chose not to offer a comment when addressed by the news source this past weekend. In addition to the highly publicized Target data breach, three smaller retailers were also reported to have fallen victim to similar cyber attacks. Details about these recent incidents have not yet been made public, but authorities speculate they may be linked to the Target attacks.
More companies fall victim to attacks
Neiman Marcus is another large retail chain that experienced a recent data breach resulting in compromised customer information. According to a recent report from Krebs On Security, the Texas-based department store suffered an attack around mid-December. Despite hiring the assistance of a third-party security firm, the company still has not uncovered any clues about the size, duration or cause of the cyber attack. Neiman Marcus released a statement addressing customers about the incident.
"On January 1st, the forensics firm discovered evidence that the company was the victim of a criminal cyber-security intrusion and that some customers' cards were possibly compromised as a result. We have begun to contain the intrusion and have taken significant steps to further enhance information security. The security of our customers' information is always a priority and we sincerely regret any inconvenience."
Consumers who used bank cards with either of these companies should review their bank statements to ensure that no fraudulent activity has occurred.
The space and power needed to implement and maintain a high-tech data center can be a strain on any business with a tight budget. A significant portion of these budgets are already dedicated to the upkeep of older technology that needs to be looked after by specialized professionals and updated constantly to keep IT security concerns at bay. In addition, companies are always looking for more square footage to expand their physical presence and boost the effectiveness of cloud storage solutions.
Businesses need more space to house their IT equipment hubs
Real estate markets devoted to providing space to host IT equipment are expanding rapidly, according to a recent report from DataCenter Knowledge. Year-end results from Avison Young showed that the total leasing volume for wholesale data center suites increased 25 percent from 2012 to 2013, primarily due to increased demand from social media companies and businesses looking to build their cloud capabilities.
DataCenter Knowledge mentioned that demand for quality hosting space is pushing real estate deals out of traditional hubs in Virginia, Dallas and Silicon Valley. In the past year, deals exceeding 2 megawatts were closed in locations such as Sacramento, Atlanta, Denver, San Antonio and Houston. Twitter committed to a lease of 25 megawatts of data space, while Microsoft also expanded its operations by 17 megawatts over the course of three separate deals.
The amount of natural resources required to maintain databases increases
Companies often underestimate the sheer quantity of energy it takes to keep a database running efficiently and effectively. A recent report from DataCenter Dynamics revealed that a new NSA data center in Maryland uses up to 5 million gallons of water every day to cool its expansive collection of servers. In addition, the organization has facilities in Colorado that take up over 1 million square feet and require an extra 3 million gallons a day to keep cool. Businesses need to take these numbers into account so that they don't fall victim to paying more than they bargained for when signing leases.
While these numbers are certainly daunting, are organizations such as the NSA using water effectively? DataCenter Dynamics brought up Green Grid's Water Usage Effectiveness Metric (WUE) that helps determine whether this valuable resource is being maximally utilized. Both Facebook and eBay showed better WUE rates than the NSA, so the government may have to revise the way it cools its many data storage centers.
Bring-your-own-device policies are becoming more common as companies realize the importance of remote database access and mobile business applications. With more employees utilizing smartphone and tablet platforms, the IT market is shifting its focus to providing mobile solutions optimized to work with company networks and security measures. BYOD can deliver many benefits for both businesses and employees, but what should companies do to make sure they are maximizing the efficiency and safety of their remote access practices?
Understanding the good and bad of BYOD
It is no secret that BYOD is on the rise, but IT departments need to know the ups and downs that come with embracing the mobile platform as a tool for data flow and productivity. Microsoft recently cited a Gartner study revealing that 88 percent of executives say their employees use personal computing technologies for business purposes in and out of the office. Fewer executives reported having company-specific BYOD technology, with 62 percent of survey respondents claiming they have adopted customized platforms or plan to in the near future.
While many companies are hopping on the BYOD bandwagon, Microsoft urged organizations to educate themselves and their employees on the potential pitfalls of these solutions.
"The BYOD trend offers numerous benefits to users, including reduced costs, and the ability for enterprise workers to work with their preferred technology," Don Morrison, Director of U.S. Anti-Piracy for Microsoft stated in the release. "That said, BYOD does blur the lines between enterprise and personal computing, and can create security risks for businesses and the workers, so it's important to have best practices in place."
The best practices for phones, PCs and tablets
Microsoft suggested that IT strategists focus on implementing well-established BYOD services from reputable providers as a first step in mitigating risk. Employees should also be extra cautious when lending their devices to others. Even if remote access requires a password, sensitive company information still might be left over on a hard drive.
Phones present the biggest IT security concerns for companies offering BYOD solutions, according to LifeHacker. The articled noted that Gartner found PC sales to have dropped in favor of tablets, while smartphones still reign supreme and sell more every year. Between the three devices, however, remote solutions are an industry force to be reckoned with, as they are predicted to sell a combined 268 million units in 2015.
IT security concerns regarding the use of mobile platforms to access sensitive company information are being prioritized by companies around the world. Human Resources Journal recently explored a Cisco study revealing that 95 percent of executives in a 600-business survey allow workers to access company data and use business applications on their smartphones, tablets and laptops. Despite the vast majority of organizations adopting BYOD policies, network security has encountered difficulties in trying to keep up with the mobile revolution.
Companies weigh risks and rewards of BYOD implementation
Human Resources Journal explained the dilemma of business leaders who seek to increase productivity by letting employees work using their personal technology. The Cisco study showed that BYOD has brought an extra $300 to $1,300 annually to companies that opt for it, although IT expenditures are up 20 percent in the past few years as a result of mobile implementations. Decision-makers need to be aware of the differences between the varieties of smartphone, tablet and laptop use when it comes to mobilizing work forces.
"It's one thing to just let an employee-owned device on the [corporate Wi-Fi] network [for browsing or social networking] and not allow access to enterprise applications, and that penetration is pretty high," IDC analyst Rohit Mehra said in a statement for the report. "But the real proof in the pudding is how many users have true enterprise application access with their devices, and those numbers are still relatively low."
Taking preemptive action is key for networks utilizing BYOD
Instead of sticking with the same security measures used for internal networks, companies need to reconfigure their strategies to accomodate the new wave of mobile data and application use. According to a recent article from SC Magazine, smartphones are the primary targets for malicious software that attempts to steal private information belonging to individuals or corporations. New malware known as the 'XXXX' botnet has already been found on 23,856 smartphones and may have affected many more without user knowledge.
While the program was designed to gather information rather than utilize it for criminal purposes, sensitive company data should never have to be compromised. Businesses that implement loose BYOD security policies may fall victim to software similar to XXXX that could end up selling private data and customer information. Comprehensive database security measures are necessary for any company making changes to accommodate mobile platforms.
IT departments are given the unique challenge of anticipating infrastructure problems and network security issues before they occur. While many decision-makers choose to implement industry standard "best-practice" solutions to address IT security concerns, many businesses remain oblivious to the importance of real-time security assessments to uncover weak links in company networks and information databases.
What should business leaders be asking about their IT practices?
A recent article from Information Week warned IT leaders to avoid "if it ain't broke, don't fix it" mentalities when it comes to the security of vital company data. Applications and security measures can quickly become outdated, and the fact that a network has not yet experienced a data breach does not mean threats are nonexistent. The IT department is responsible for the technical efficiency and productivity of an entire company and should be actively seeking new methods to increase the effectiveness of applications and tighten security measures.
Because each organization is distinct in its structure, goals and philosophy, there really is no such thing as universal "best-practices." Information Week emphasized the role of IT strategists as the key players in the technological advancement of a company, bridging gaps between departments, partners and clients. By remaining satisfied with antiquated infrastructure and security, businesses are not only missing the opportunity to make effective changes, but likely devoting too many resources to the maintenance of systems that no longer function optimally.
Safe flow of data needs to be a top priority
With this in mind, decision-makers should not throw all of their current hardware and application suites out the window simply for the sake of bringing in the new. CSO recently urged business leaders to thoroughly assess their companies' strengths and weaknesses to find out which practices are working better than others. An effective first step in this process is for executives to determine what data is the most important to their business operations and prioritize the storage, accessibility and security of that information.
CSO also stressed the importance of positive employee and client engagement as a preemptive security measure. Cyber threats invariably occur due to malicious intent of an individual or group looking to damage or steal from a company. By keeping open channels of communication with clients and personnel, feedback will become available and more easily implemented into future IT strategies.
Companies tend to overlook the fact that stolen data and other vital information can be the result of malicious behavior on the part of their own employees. These IT security concerns may be a rude awakening to businesses that keep loose network policies for workers' convenience, but the reality is that businesses can never be too careful in their efforts to protect sensitive data. Even if an employee seems trustworthy during his or her time at an organization, allegiances can quickly shift when a new, more lucrative opportunity arises.
Every business would rather be safe than sorry
Because it is so difficult to monitor the behavior of workers without strict security policies, many companies fail to properly supervise their employees' use of data and which files they access. A recent article from Dark Reading explored a Stroz Friedberg study revealing the overwhelmingly lax state of network security with regard to databases and applications.
Around 90 percent of employees surveyed said that they use personal email addresses and public cloud networks to handle work-related material, while 58 percent revealed that they accidentally sent sensitive company information to the wrong recipient. Some individuals surveyed openly admitted to sending similar information to others at will. These are numbers that should not be tolerated by any IT security strategists, let alone business executives.
"Our inaugural information security survey demonstrates that companies need to address high-risk security behaviors within the workplace at all levels with a proactive risk mitigation plan," Michael Patsalos-Fox, CEO of Stroz Friedberg, stated in the report.
Threats exist from the bottom to the top
Low-level employees are too often subjected to scrutiny by C-suite executives looking to mitigate insider threats, but the Stroz Friedberg report showed that more than half of senior managers said they had brought sensitive company resources with them to their next job. Only 20 percent of lower-level workers made the same claim.
Bank Info Security recently provided business leaders with a series of suggestions to help reduce the ever-increasing risk of insider threat. In light of this past year's developments at the National Security Agency, the article urged IT departments to steer clear of government contracts when partnering up to run background checks on employees. Examinations cannot be thorough enough. Although workers may be bothered by exhaustive amounts of monitoring, companies will be thankful for these policies down the line.
There is no denying the great potential that cloud services represents for financial institutions. Banks and other service-based companies constantly handle heavy flows of data. Many smaller organizations are under pressure to meet growing expectations to efficiently store and utilize relevant information. Cloud solutions are easy to use, cheap to maintain and can be quickly implemented by database administration experts. With this in mind, what is keeping so many finance firms from embracing the trend that is changing the face of the enterprise IT industry?
Banks are skeptical of cloud security and control over data
A main source of concern for financial organizations when it comes to adopting cloud services is the security and maintenance of company and client information. By outsourcing data solutions many banks feel that they run a higher risk of falling victim to a cyber attack or fraudulent employee schemes. According to Computer Weekly, these IT security concerns are certainly warranted but financiers are not putting enough trust in the protection that modern cloud services have developed.
Comprehensive legal regulations represent a major benchmark for cloud adoption in the financial sector. Currently, laws applicable to outsourcing are the same ones used in regulating cloud service payment plans and implementations. Computer Weekly stated that banks are looking for tighter legal parameters to be established before they take their data and applications to the cloud. Kemp Little commercial technology partner Paul Hinton explained the tentative attitude that banks appear to express toward cloud services.
"These are potential loss of control, availability and access to data, data security, data location, auditing and exits," Hinton told the news source. "There are a lot of efforts to create [legal] standards and hopefully we will have them soon. This is good, but they are not here now and may not be for a while."
How safe is it to adopt cloud services?
While major cloud data breaches are few and far between, there have certainly been some high-profile cases in recent memory. According to The Australian, industry leaders are trying their best to put these worries to rest. Maryland-based IT security firm SafeNet claimed that it protected over $1 trillion in transactions this past year without a hitch. Banks willing to take a leap of faith with the current state of cloud solutions sign up for a high-risk, high-reward situation.
As the enterprise software industry moves away from traditional methods of storage, cloud solutions have revolutionized the way that companies approach database administration. IT giant Oracle continues to post impressive numbers as market demand for cloud storage and applications increases. The corporation's second quarter revenue of $9.28 outpaced analysts' predictions of $9.18 billion, climbing 2 percent from the previous quarter, according to Bloomberg.
Over the past ten years, Oracle CEO Larry Ellison has bought over 100 companies at a total cost of $50 billion in order to remain a powerful force in the world of database software solutions. Staying ahead of times has allowed the company to thrive in a highly competitive and fast-moving industry. In addition to offering cloud storage and applications, Oracle also entered the hardware market after acquiring Sun Microsystems in 2010. While their computer servers have produced consistent revenue, Bloomberg noted that hardware sales did not see a significant boost in the second quarter.
Offering every cloud implementation imaginable
The storage and application needs of companies are highly diverse, and part of Oracle's success is due to this acknowledgement. By accounting for a wide variety of cloud requirements, the company has attracted business from firms across industries and around the world. A recent Forbes article highlighted the ways that Oracle has excelled in providing systems, applications and everything in between.
"We think these three product areas – database, cloud applications [bookings up 35 percent], and engineered systems [bookings up almost 35 percent] – will drive Oracle's growth in calendar 2014," Ellison told the news source. He proceeded to elaborate on his strategies. "We'll continue to expand our footprint… Oracle's Fusion cloud applications for HCM, CRM and ERP all have a new simplified user interface, and an integrated social network that makes our enterprise applications as easy-to-use and familiar as Facebook, while enabling better collaboration and teamwork among your employees and your customers.
Setting goals and targeting competition
Between Microsoft and Amazon, Oracle knows that it is up against resilient competitors. IBM and SAP also pose a threat to their hardware and application lines. By continuing to expand on the legacy systems of Sun Microsystems and perfecting the cross-platform integration of their database solutions, the company is confident in its ability to beat out these other industry leaders. At the rate the company is growing, this might be a reality in the near future.
Database quality is no longer a concern exclusive to private enterprise. Any industry requiring efficient data storage and accessibility can benefit from database management services, and health care is the latest to hop on the IT bandwagon. A recent article from Information Week explored a Markets and Markets report predicting that the North American health IT (HIT) market will reach a total value of $31.3 billion in 2017, rising from $21.9 billion in 2012. This equates to a 7.4 percent annual compounded growth rate, three quarters of which is driven by U.S. HIT revenue.
What is driving the HIT industry to new heights?
The healthcare industry has long been dominated by paper-based methods that now seem outdated and wasteful. Now that the market is responding to the demand for HIT products and services, the health sector will soon have access to innovative technology that rivals the best in private enterprise. Information Week noted a variety of advancements expected to change the face of HIT in years to come. Among the most promising are clinical information systems, picture archive communications systems and computerized physician order entry systems.
Information Week cited additional factors that will play into the expansion of the HIT industry such as an increase in chronic disease, an aging North American population and the financial backing of American and Canadian governments. With a bevy of new payment and storage options available to healthcare professionals, electronic health records (EHR) are also predicted to fade away as outsourced data and cloud solutions become the norm.
HIT will benefit large medical centers and private practices alike
The future of health IT is not only for major hospitals and universities. According to a recent AAFP report, HIT is providing key tools for neighborhood practices and family physicians across the country. As the concept of the patient-centered medical home became a reality in 2013, HIT played a major role in connecting patients, doctors and larger institutions to coordinate the most effective methods of treatment and support.
Besides offering open channels of communication and a wider variety of medical resources, HIT is also a key factor in the way physicians are approaching billing, payment and staffing concerns. With healthcare regulations constantly in flux, having a central system to track and distribute doctors' working hours and time on-call is a big benefit. HIT is another example of an increasingly interconnected, digital world.
Cloud storage solutions take many forms, and business can be easily overwhelmed by the variety of options available. Times have changed since companies were only able to store their data using on-site servers and private networks. Advancements in Storage-as-a-Service and Infrastructure-as-a-Service solutions have lightened the burden of heavy data storage and saved companies up the schedules of many in-house IT professionals.
Irrelevant data drags down business operations
With increasingly complex analytics available to companies every day, it is a constant challenge to deal with an abundance of information while trying to pinpoint what data can actually be useful. Enterprise Storage Forum suggested that hybrid cloud solutions might be the answer to these common storage problems. By utilizing both on-premise applications and cloud storage, companies can store and access relevant files without wasting excess resources on holding outdated information.
Although IT departments are already experimenting with multiple cloud implementations both private and public, hybrid cloud solutions are unique in that they are offered in Database-as-a-Service form instead of in isolated parts. The advantage of this model is that businesses can save money and time by avoiding the compatibility problems and IT security concerns that can arise with integrating disparate services. Enterprise Storage Forum also noted that hybrid cloud solutions are much more easily implemented and feature better scalability options for business that need to remain agile.
Private clouds remain a viable, secure option
While industry speculation suggests that the market will soon abandon private cloud storage solutions for public and hybrid options, there is still a large share devoted to serving companies that want to retain complete control of their analytics and customer information. Search Cloud Storage recently interviewed Storage Switzerland founder George Crump, who shared his thoughts on the ways businesses will be utilizing what the cloud has to offer.
"For the IT managers I interface with, they're still in a large part in the investigative mode," Crump told the news source. "I always tell people that when I get bored talking about, it's about the time users are ready to start implementing. Backup and archive are clearly the number one and two that we're seeing. And I do think the SharePoint and email via Exchange and others will probably be the next big ones."
Whether on-premise, off-premise or a combination of both, the cloud is living up to its high expectations. Business leaders should expect cloud solutions to saturate more aspects of their operations as 2014 presses on.
While cloud solutions were originally reserved for private enterprise implementations, more businesses are utilizing public and hybrid cloud models to suit their database needs. Maintaining exclusively private cloud deployments is no longer a viable option. This gradual shift from private to public cloud options is gaining steam as 2014 rolls along, according to a recent report from InfoWorld.
What are the advantages of a public cloud?
Businesses once thought that private cloud deployments meant greater control and agility to access their own data and customer information. IT security concerns also prevented companies from taking to the public cloud. However, InfoWorld revealed that these ideas are quickly becoming outdated as public cloud options start to offer faster, cheaper and often more secure data storage solutions.
InfoWorld cited Amazon Web Services (AWS), Google and Microsoft as primary examples of public cloud service providers, with AWS leading the way. In fact, Amazon and Google only offer public cloud solutions while Microsoft still provides both. While many companies are making the switch over to public cloud, most are keeping some private and combining services in a hybrid model.
Although industry leaders are pushing data solutions into the public sphere, private cloud solutions will likely never disappear from the market entirely. InfoWorld noted that this portion of the IT industry is still expanding and doing better than ever. Still, their prediction that the public cloud will take the lead in the coming years is echoed in the IT decisions of many businesses.
Public cloud conveniences do not come without some disadvantages
Even thought the benefits of a public cloud are clear for businesses, many users are raising eyebrows at the trend to shift away from private database solutions. According to a recent article from The Advocate, social media application SnapChat experienced a cyber attack in which 4.6 million usernames and phone numbers were stolen and published in the public domain. The service, which is a public cloud, knew the risks associated with its data storage methods but chose to ignore them.
Other social media networks such as Facebook and Google Plus are public clouds as well. The Advocate explained that these services take advantage of personal information by selling it to advertisers and other online marketers.
"A public cloud is where very large infrastructure is being used to provide the service from any location, so you don't know where the clouds are," Stan Kaine, CEO of information technology company Point Duty, told the news source. "If those things are a concern to you, then do your own research."
It is a constant challenge for businesses to address all of their IT security concerns. Even if a company network is secure, there is always a chance that a database has already been hacked, according to a recent report from Forbes. The FBI notifies several hundred companies and organizations every year to inform them that they have been the victims of cybercrimes or other intrusions.
Forbes stated that most of these companies were unaware that there had been a breach of any kind, a problem that the news source attributed to a lack of knowledge on the part of company CEOs. When upper management knows the details of their security strategy, businesses can defend themselves against attacks proactively and know exactly when something has gone wrong.
Every attack happens for a reason
Hackers rarely attempt to stage a cyber attack without a compelling reason. Forbes listed the examples of why organizations might be targeted by an attacker. Other organizations might be after technology or competing companies might want to steal money and customer information. There is also the possibility of a data breach by a foreign government or a destructive attack from an activist organization.
According to a recent article from The Next Web, a relatively new industry buzzword has arisen in light of growing pressure for companies to increase their security: Advanced Persistent Threat (APT). With large amounts of assets and intellectual property at stake, organizations need to be extra cautious of attacks that involve remote control software designed to grant hackers continuous access to a company network or database.
The Next Web explained that traditional form of security such as firewalls and intrusion prevention systems are ineffective against APTs, and that companies need to find new ways of defending themselves in years to come.
Businesses have more choices for data storage than ever before, and with many platforms operating within an organization comes a new host of IT security concerns. According to the Economic Times, the recent wave of new database management solutions is changing the way organizations approach their security strategies. The report cited McAfee as naming data center security as a top priority for modern businesses.
"Resultantly, they will face the reality of securing data that moves between server, storage and networking resources (physical and virtual) of next-generation data centres," McAfee said in its report. "BYOD needs to be looked at from different dimensions, like data loss prevention, network access control, internal intrusion prevention systems, authentication system, internal firewalls, securing Wi-Fi, etc."
BYOD remains a security concern for many organizations trying to transition to mobile platforms. The Economic Times mentioned that while many businesses will want a single security solution for these issues, it is very unlikely. With a predicted 50 billion IP-connected devices by 2020 (an increase from 1 billion in 2012), companies should start reconsidering the ways they address their IT security,
New threats require new security solutions
Because business are used to relying on stand-alone security features to protect their databases, many of the systems in place are not adequate for combating threats that arise from the use of mobile platforms. Since cloud-based solutions are also becoming an industry standard, businesses need to take the concern of remote database security into account.
According to a recent report from InformationWeek, the cloud represents just as large of a vulnerability as mobile devices in the next generation of database security. Because both of these advancement signal movements away from isolated, physical devices, corporate networks need to take them into equal consideration when preparing their strategies of defense. Weaknesses resulting from this shift are often overlooked and need to be addressed sooner than later.
InformationWeek provided advice to organizations looking to preemptively address forthcoming attacks from hackers, organized crime and state-sponsored initiatives that will surely attempt to exploit the vulnerabilities of these remote solutions. Businesses were recommended to start by classifying their data, categorizing by confidential, public, client and employee personal information to make sure each type is secured according to mandated government or industry compliance. Developing strong contractual agreements with companies providing any outsourced services is also essential.