We are creating some awesome events for you. Kindly bear with us.

Improving security posture amid a global pandemic

The adoption of cloud computing across Southeast Asia has expanded in terms of services offered and the number of industry competitors entering the market. According to reports, the cloud computing market revenue in the region is estimated to reach US$ 40.32 billion by 2025.

Cloud technology is popular because it is cheaper than installing local servers and it allows regional companies to connect and compete on the global platform. Additionally, at least 57% of large enterprises in Singapore intend to move their finance systems to the cloud. The report also found that one-third (33%) of these companies expect to do so in the next six to 12 months.

However, with the rapid cloud adoption, it holds to logic that cyberattacks are also on the rise. Over a fifth, (21%), of businesses in the country, saw more cyberattacks during the crisis. This landscape necessitates a new optic where the risk profiles of organisations are prioritised and protecting sensitive data and its resources are critical more than ever.

With this phenomenal growth, there is more data in more places and it all must be protected. Data security and residency demand in Singapore are continuously growing as businesses expand. Customers assume and expect that when utilising digital programs and services, their personal information is safe.  IT and business leaders want to know where data is being stored to have more control over how it is being managed and protected. Thus, the need for better data integration and protection technology. With the vast amounts of information and data to collect, work with and safeguard, organisations in the country are increasingly embracing a multi-cloud strategy and cloud-based software as a service (SaaS) – exactly where ServiceNow fits in.

ServiceNow satisfies Singapore organisations’ demands to drive business-wide transformation in highly regulated industries with the Now Platform, available on Microsoft Azure Regions, in Singapore, certified to Singapore’s cloud security standard – the Multi-Tier Cloud Security Standard (MTCS).

The MTCS Standard for Singapore was prepared under the direction of the Information Technology Standards Committee (ITSC) of the Infocomm Development Authority of Singapore (IDA). The ITSC promotes and facilitates national programs to standardise IT and communications and Singapore’s participation in international standardisation activities.

Generally, MTCS provides a framework to enable cloud service providers are safeguarding customer data and meeting the necessary government regulations of Singapore. For many, embracing MTCS is not only about compliance – even those who are not formally required to comply with MTCS are beginning to use it. Industries like financial services, healthcare, and the public sector want to prove that they are looking for robust ways to protect private data.

MTCS Level 3 – an elite standard for data protection

Not all cloud security standards are created equal. MTCS’ tiered approach accounts for this by providing different security levels. It ranges from a lower cost, baseline option (Level 1) to an extremely rigorous certification (Level 3).

To achieve Level 3 standards, cloud services companies must pass an audit conducted by an authorised third-party Certifying Body (CB). The assessor reviews the breadth of the CSP’s Information Security policies and procedures to determine that the CSP has designed effective security controls in compliance with MTCS requirements. The auditors also review an entire suite of evidence to confirm that these controls have been implemented and operating effectively.

For example, if an organisation’s policy claims to conduct background checks on all employees, the assessor will ask for proof. They may request a list of 100 employees onboarded during the audit period and randomly select individuals from the list to review and test that those background screenings were conducted comprehensively and appropriately. This means that the organisation will need to provide evidence that proves they are complying with the MTCS requirements.

ServiceNow is certified to Level 3, the highest level in the MTCS certification tiering.

Advancing data protection in Singapore with ServiceNow.

It is no longer enough to have one area of the business under secure measures – organisations need security controls across the entire infrastructure. Having strong encryption and appropriate access controls allows Singapore organisations to prevent threat actors from unauthorised access – and ServiceNow provides these capabilities.

The company provides a clear picture of how the platform’s architecture is built, so users know where their data is being hosted and who has access to that data. With this, clients are the custodian of their data and they maintain control over who is permitted to access their data and when.

Multiple encryption solutions for the protection of data are also on the table. For example, with Edge Encryption, customers can configure fields and attachments for encryption, manage encryption keys and rules, and schedule mass encryption jobs from the admin console to mitigate data leakage. Even in the worst-case scenario, if a user experiences a significant data breach or cybersecurity attack, the data will remain encrypted upon exposure, preventing unauthorised parties from being able to read or understand the confidential information and all its content.

With the platform in place, customers can keep data within Singapore, meeting the growing demand for data residency. Government, financial services, and other highly regulated customers’ can accelerate their digital transformation while meeting MTCS Level 3 requirements and data residency laws. And by adopting and complying with the highest level of certification standards, the company meets customers’ data protection needs.

Successful partnerships are built on trust, and the company has a global team of dedicated security, privacy and compliance experts that protect data every hour of every day of the year. As cyber threats and compliance needs evolve, ServiceNow will identify, prioritise, and respond to threats faster, while complying with global standards to help everyone embrace data security and maintain confidence in the cloud.

Learn more about how ServiceNow protects data for organisations in highly regulated industries.

Send this to a friend