Expert view: How to protect your data in the cloud
The cloud is not the problem, says Alex Williams, director new business sales, Transactor
All businesses understand how service failure and downtime on critical systems can have huge implications, but is The Cloud really the problem?
Let’s not forget that onsite hosting presents its own security challenges, as well as a high IT resource overhead, and cloud technology was initially welcomed to help alleviate these pressures. Now, with Big Data, the increasing availability of multiple services and platforms via API technology, and the demand from businesses for more scalable hosting solutions it seems that The Cloud will continue to grow in popularity, with onsite solutions limited to larger enterprises.
So the answer is progression rather than regression, and although it is a software provider’s fundamental responsibility to provide a stable, secure service for its clients, the industry as a whole should collectively build a greater awareness of resilience and data security. The BIBA Broker System Resilience Project should acknowledge the need for greater regulation but brokers have a duty to insist on certain minimum requirements from their hosting provider:
1. Client databases should be held in a cluster split across at least two fully redundant, geographically dispersed datacentres. Updates should be written to both datacentres simultaneously ensuring zero data loss in the event of a failure.
2. All datacentres should have backup power supplies that can run indefinitely in the event of a mains power loss.
3. Failover tests should be performed regularly for all datacentres.
4. Your service provider should have a robust, well-tested disaster recovery plan for their own operations, as well as your service provision.
Following several high profile hacks and well-publicised global political events the UK Government has urged senior business leaders to prioritise cybersecurity as part of their strategic objectives in 2017 and beyond. Cybersecurity is considered one of the primary threats to UK businesses and the insurance industry should be encouraged to take a pro-active approach to prevention, rather than waiting for its own scandal to occur. There are a range of modern standards which businesses can implement, including ISO Compliance and naturally, software houses should lead by example.
Cloud technology is not broken, it’s flourishing and it’s here to stay. Rather than dismissing its weaknesses or casting the technology aside completely ask yourself, is your technology provider doing enough to protect your data?