Indisputably, the cloud is a good place to store data for backups, long-term storage, and in case of a disaster. Cloud data management is a way to cope with data across cloud platforms, with or without on-premises storage. With cloud data management, resources can be acquired as needed. Data can also be shared between private clouds, public clouds, and storage on-site.
Some platforms can manage and use data in both the cloud and on-premises environments. However, cloud data management considers that the policies for data stored on-premises and in the cloud can be very different.
The cloud has its own rules about how to keep data safe and make sure it is correct. Traditional ways of managing data might not work in the cloud, so it’s important to have management in place that fits the cloud’s specific needs. Costs, data integrity, and security are just a few of the difficulties associated with cloud data management that are also linked with cloud technology.
Even though cloud security has gotten a lot better over the last few years, it’s still up to each organisation to make sure that only authorised users can access the data by setting up data access policies.
Moreover, organisations are increasingly recognising the value of shifting workloads to the cloud and leveraging the cloud’s agility to optimise new products and services. As organisations continue to migrate IT operations and applications to the cloud, there is a critical, strategic need for cloud-centric data management tools and platforms capable of managing all types of data.
Senior digital executives from Singapore’s public sector convened at the OpenGov Breakfast Insight on 27 October 2022, at InterContinental Singapore to gain up-to-date information on how organisations can power a comprehensive security strategy from management to architecture and technology to improve IT agility and efficiency.
Efficiency via Cloud Security, Compliance, and IT Policy Governance
Mohit Sagar, CEO & Editor-in-Chief, OpenGov Asia acknowledges that government agencies and businesses are undergoing the largest digital change in history.
Persistent geopolitical concerns and health crises have pushed governments into the next stage of digital transformation. Fueled by a massive influx in data, however, strong cloud data management is still one of the main issues for many agencies.
At the moment, the cloud is at the core of both the public and private sectors and data management is frequently regarded as a challenging problem.
Data breaches are still commonplace in the Asia Pacific Region and have affected many organisations in 2022 already. For instance, Singapore was sixth in the world last year for having the most datasets exposed, and the attack continues.
With this, organisations are becoming more conscious of data management as a strategic business imperative rather than just an IT duty because of ongoing data breach occurrences and stronger data management rules.
Singapore’s Government Technology Agency (GovTech) is upgrading the Government Commercial Cloud (GCC) service to facilitate the management and security of government agencies’ use of public cloud services. GCC 2.0 seeks to strengthen service enhancements in areas such as user onboarding and security, among others.
On the other hand, as the rate of technological advancement accelerates tremendously, security leaders face difficulties safeguarding remote workforces, shifting to the cloud, and achieving compliance. Hence, there is a demand for an optimised cloud migration solution for organisations.
Mohit recognises that as the landscape of cyberattacks continues to evolve, cybersecurity remains a crucial aspect in ensuring the viability and effectiveness of cloud migration. With a solid cloud data protection policy, organisations may meet these requirements by managing all identity access activities across cloud resources in an effective manner.
“There are many moving parts that need to be considered before a data strategy can be implemented. A wise approach to cloud data management requires extensive planning,” Mohit concludes.
The Needs for Smart and Secure Digital Solutions
Smart and secure digital solutions are essential today, according to David Chan, Managing Director, Adnovum Singapore. “Consumers will expect to obtain products and services via simple, secure digital solutions, regardless of the organisation.”
He emphasises that a digital service must be well-managed and maintained to remain secure. “If it does not respond to different threats, it will become more vulnerable and easier to compromise as time passes. Hence, vulnerability management and monitoring are two critical aspects of this.”
Adnovum, a Swiss software firm, was established in 1988 as a privately held joint stock business and presently employs 600 people worldwide. Adnovum Singapore was created in 2010 and currently employs 100 people in Singapore and Vietnam.
With over 30 years of hands-on experience in delivering such solutions, can assist those organisations in determining how to meet or even surpass their consumers’ expectations. The enterprise has spent many years focused on its core industries and have have obtained significant insights into sector-specific business difficulties and current industry trends.
Because of this, they can offer organisations the competitive advantage they require in today’s market. IT consulting, software solutions, identity and access management, IT security and application management are all areas of expertise for the enterprise.
Customers in Switzerland, Singapore, and other nations include both the private and public sectors, as well as all industries. Adnovum increased its operations in the public sector and the banking, insurance, transportation and logistics industries in 2021. However, 50 per cent of their clientele are FSI and government employees.
“Our clients include banks, insurance organisations, and the public sector, among others, that seek to distinguish themselves through unique digitalisation solutions,” reveals David.
Clients get comprehensive support for the rapid and secure digitalisation of business processes, from consultation and design through implementation and operation. Also among its primary skills are identity and access management and security consultancy.
Cybersecurity in the Context of Evolving Threat Vectors
Kenny Seah, Head of Identity Access Management and Security Consulting, Adnovum Singapore explained that a data breach is when confidential, private, protected, or sensitive information is given to someone who isn’t supposed to see it. “Theft of information from a person or organisation can be the result of a mistake or a deliberate act.”
For instance, an employee could accidentally share sensitive information or steal company data on purpose and give it to a third party or sell it. Or a hacker might steal sensitive information from a company’s database.
No matter what led to a data breach, the information that was stolen can help cybercriminals make money by selling it or using it as part of a bigger attack.
Information like bank account numbers, credit card numbers, personal health information and login information for email accounts and social networking sites are often lost or stolen when there is a data breach.
Such leaks can be very bad for businesses. Not only can they cost them money, but they can also hurt their reputation with customers, clients, and employees.
On top of that, organisations may also have to pay fines and deal with legal issues because data and privacy regulations are getting stricter.
Cyber risks can change every day, which can cause major problems for the whole organisation. With data insights and security controls, this could be avoided. Cloud data management manages data on cloud platforms with or without on-site storage. The cloud is a good place to store data for disaster recovery, backup and long-term archiving.
Purchasing resources on an as-needed basis is possible with cloud data management. Data can also be shared between private and public clouds and on-premises storage. A cloud-based data management system serves the same purpose as a traditional data management system that has been adapted to the cloud’s requirements.
Some platforms can manage and use data in both the cloud and on-premises environments. However, cloud data management considers that the policies for data stored on-premises and in the cloud can be very different.
Kenny shared the top 3 cloud data management challenges:
- Cloud Data Governance: Practicality across Hybrid & Cloud Environments
- Security, Protection & Monitoring of Sensitive Data Traversing to the Cloud
- Navigating through Piling Regulatory Mandates and Requirements
Along with the cloud data management, Kenny talked about the “Key Trends for 2022 and Beyond” that include a) Cybersecurity Mesh: Starting with Zero Trust Network/Architecture; b) Strengthening Identity & Access Management, Monitoring & Defense; and c) Distribution & Reframing of Cybersecurity Function.
Cyber security is the practice of safeguarding digital data and the computing infrastructure that processes or stores it as a necessary part of doing business, as many companies transmit sensitive data across networks and to other devices.
Companies and organisations, especially those entrusted with protecting sensitive data such as that related to national security, health, or financial records, need to take precautions to protect their valuable data as the number and sophistication of cyber-attacks increase.
Fireside Chat: Establishing a robust cloud data management strategy to prevent risks, achieve regulation compliance, and enhance data availability, accessibility, and security across multi and hybrid cloud environments
Huang Shaofei, Chief Information Security Officer, SMRT Corporation reiterated some of the benefits of cloud data management.
These include lowering data management costs; addressing data quality issues; centralising the organisation’s cloud data; scaling the data management resources based on current needs; utilising improved cybersecurity measures and technology and providing remote workers with simple access to the organisation’s cloud data.
An organisation can adjust its data management strategy to a cloud environment if it already has one. The most frequent modifications they must make are remote user access, the level of security required for various data types, regulatory requirements and data standardisation.
Establishing a clear cloud data management strategy will help organisations avoid risks, get around regulatory compliance obstacles and make informed decisions while also gaining the trust of their customers and citizens.
According to Shaofei, the need for trust is one of the biggest problems when it comes to getting organisations to use cloud computing. “Ask any CIO, and they will tell you that putting mission-critical systems in the public cloud presents significant challenges from a compliance, security and business standpoint due to a lack of visibility, auditability and verification for what happens to their data in the public cloud.”
When compared to traditional IT models, moving to a hybrid cloud presents significant challenges in interconnectivity, integration, data protection and management.
Many organisations are having trouble adapting their old processes, resources, and skills to hybrid, multi-cloud, and post-pandemic realities in the workplace, like remote work.
Resiliency means accepting failure and building the next steps that let the application respond to the event and get back to a fully functioning or optimal state as quickly as possible.
The degree of application resilience in the cloud and its relative importance to business continuity depends on several goals, requirements, and constraints that are influenced by the type of workload, the role of the users, and the organisation’s size and technical capabilities.
A cybersecurity strategy is a long-term plan outlining how an organisation will protect its assets over the coming years. Organisations must update their strategy as technology and cyber threats are subject to unpredictable change.
The goal of making and using a cybersecurity strategy is to make sure that assets are better protected. This usually means switching from a reactive security approach to a proactive one, where organisations focus more on preventing cyber-attacks and incidents than on responding to them after they happen.
The Singaporean government knows that each type of cloud computing offers its level of security and benefits. As a result, the nation’s cloud strategy entails adopting a multifaceted approach to cloud computing to harness the relevant cloud for the suitable requirement.
Closing Remarks
David emphasised the issue of uncertainty because of a variety of operational circumstances, particularly in cloud computing.
The use of cloud computing has affected resource allocation, node security communication, and secure storage, among many other things. The trust mechanism has successfully addressed the security issues with distributed computing by replacing conventional network security.
According to David, businesses moving to cloud computing – whether they’ve already done so or not -should be aware that they’re not just buying a particular good or service. “Instead, they’re forming a partnership with their cloud service provider. The cloud service provider for an organisation functions as an outpost of the IT division.”
The provider ought to be viewed as a reliable partner as a result. To make this happen, both the customer and the vendor must commit to open communication and transparency, which are typically unheard of when on-premise IT solutions are bought.
“You cannot derive commercial value from the data you collect if you do not foster trust throughout the data-sharing process,” says David.
Mohit feels that it is important for organisations to create trust-based procedures that instill high levels of faith in the data source as well as the data’s trustworthiness. “This enables you to integrate internal and external data utilisation with your company goals.”
Mohit is a massive believer in data sharing but security should come to it adding that “You cannot derive commercial value from the data you collect until you establish trust throughout the data-sharing process.”
