With cyber-crime at its peak, is the cloud really secure?

A “new data culture” was promised by the introduction of cloud technologies, but this hasn't quite taken off to the level promised to the enterprise market.

 

The de-perimeterisation of infrastructure is moving along, albeit at a slower pace than the great leap forward envisaged, but the same cannot really be said of data itself. Cloud architectural models have evolved from hosted hardware through to sophisticated virtual, multi-tenant services, but along with that have come new and increasingly high-profile threats to the security of data being managed across these networks.

 

Enterprises traditionally develop private, purpose-built IT “fortresses”, secured by isolation and both physical and virtual perimeters. Through this silo mentality came the belief that trust could be obtained within these highly controlled environments. This datacentre model would include scale-up, proprietary, hardware-orientated architecture where business services were limited to a physical unit. “Locking the cabinet” provided comfort against external threats.

 

Whilst there is no doubt this type of isolation provides some security, modern business no longer happens in proprietary, siloed ways. Business partners, clients and systems are highly distributed, and the idea of centralising runs against the modern business trajectory. Agile and fast-moving new “cloud native” entrants are global from the beginning and are focused on consumer-grade engagement. Ease of use is core to their success.

 

Employees within enterprises are not immune to the influence of modern collaborative practice, of course, and so naturally find ways around perimeter restrictions, creating a modern epidemic of ‘shadow IT’ and workarounds across data borders. In many cases these businesses have lost control of their vital data assets.

 

Examples abound of intercompany and extra-company data sharing that punch holes straight through the “secure” perimeters and make a mockery of the once hallowed silo walls, no matter how much IT departments double down on protocols. CSV files can still be extracted and sent via email, or downloaded onto a CD and sent physically to a partner.

 

This activity isn't malicious - it's simply a necessary way to break the chains on the valuable enterprise data contained within each isolated silo, and to maintain a competitive edge over more agile rivals.

 

Every week there is a high-profile data leak, which is stressful for data controllers. Many a high-profile brand has been at the receiving end of sophisticated hackers taking advantage of these ‘workarounds’.

 

Standing still is not an option, and over time any type of security system will degrade. More and more managers simply demand access to, and availability of, data right across their networks, whether that be system data or personal records, to allow them the insight and knowledge to compete.

 

So digital transformation for data, I believe, is not a question of if but of when.

 

How can you control and monitor effectively what's happening to your data once it's ‘released’ to the cloud? How do you create trust in an untrusted environment?

 

A new technology may hold the key. Blockchains, or more specifically distributed ledger technologies, are not really a new innovation, but until now they have mainly been used as the underwriting ledger for cryptocurrencies like bitcoin: huge public shared ledgers that deliver trust in an open and uncontrolled environment, where distributed results and group consensus are used to determine the integrity of the absolute result.

 

As it happens, the underlying principles are perfect for creating data integrity across an enterprise's value chain, and a small number of firms are developing these ‘enterprise blockchains’: private, permission-based ledgers that maintain the consensus architecture and high governance, whilst dropping the unnecessary and energy-sapping public computing side.

 

What's more, the data logic in the platforms being built upon these ledgers means that highly sophisticated and encrypted methods of authorisation and authentication can be built in, allowing not only consent-based distribution of personal information (by the owner), but also limited access rights to any such information for any particular sanctioned third party. Not only would the ledger have a complete immutable record of what has happened to that data, but the software can also control who has access, when, and what is shared.

 

It's early days for these systems, but it certainly seems that distributed ledger technologies could pave the way for finally allowing the de-perimeterisation of data to safely follow the de-perimeterisation of infrastructure on the cloud.

 

Contributed by Ian Smith, CEO & Founder at Gospel Technology

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.