Technology continues to envelop our daily lives, in business, at home, in leisure and athletics, across the globe and into space. Despite wide ranging benefits, corporate entities and individual consumers alike have begun to recognize the risks inherent in digital services.
I recently spoke at a Daniels Fund conference panel about ethics in business. A student remarked, “I have access to so much data in the workplace. How can you protect from a bad apple stealing your information?”
Ethics is the key to protecting from these types of internal threats — and it helps your company handle external threats as well.
Gartner has even named Digital Ethics and Privacy as their Number 9 trend on the Top 10 Strategic Technology Trends for 2019. They recognize this growing awareness of the value of personal information and concern among various entities and individuals over how personal and sensitive data is being consumed, processed, and shared among public and private organizations.
Gartner’s advice? Move from asking “Are we secure?” or “Are we compliant with regulations?” to asking “Are we doing the right thing?”
Your data is your business. Your databases, and the data-driven applications that leverage them, should be regularly audited for vulnerabilities. One of the top risks facing your data today is SQL injection (SQLi). According to the 2018 Verizon Data Breach Incident Report (DBIR), SQLi was the second most common form of hacking varieties within information breaches, exceeded only by stolen credentials.
This attack vector involves the exploit of programmatic weaknesses in applications to run unintended code to manipulate your backend SQL databases, and thus access information or even gain administrative access and credentials.
Any application that uses SQL could be subject to this type of attack, from simple websites to SaaS apps like your CRM and ERP — even VoIP systems. This attack is also not limited to applications exposed to the internet. Internal applications are prime targets for attackers who have breached your external boundary (e.g., through phishing).
There are myriad technical considerations when deciding how to architect and deploy your cloud infrastructure, but your business structure, size, strategy, and industry are also significant factors.
You don’t need to take a deep dive into technical evaluations of each workload to choose between public cloud and a hybrid or private infrastructure. It’s possible that your business practices will make that decision for you before you ever get to individual app/system analysis.
Here are the business traits to consider as you weigh your cloud options.
Microsoft’s products “SCCM” and “SCOM” sound like confusingly-named twins, but try to get past your first impression of them as a set in identical dresses posing for a portrait. It is true that they are in the same Microsoft system center family, but each has its own distinctive traits and roles.
As more and more businesses move their applications and associated data to the cloud, managing all that information becomes more complicated.
IT no longer has complete control and insight over every aspect of the datastore; instead as multiple cloud providers are implemented and endpoint data is served and collected from widely-flung users and workstations, you’re likely to run into compatibility and versioning issues between various databases and storage platforms. The data management problem grows even larger as multicloud, the Internet of Things, and Big Data initiatives rise in popularity and real-world applicability.
Three ways to get all your ever-growing databases and datastores on the same page are data federation, data hubs, and data lakes. What are the differences between each, and what are some pros and cons of their use?