KEEP UP TO DATE WITH ALL THE IMPORTANT COVID-19 INFORMATIONCOVID-19 RESOURCE PORTAL

FANews
FANews
RELATED CATEGORIES
Category Technology
SUB CATEGORIES DigiMags - Systems |  General |  Magazine |  Systems | 

Trust in the cloud

08 June 2022 BankservAfrica

The current world events highlight the need for trust more than ever in key digital infrastructures. BankservAfrica’s Chief Information Officer, Portia Matsena shares how this relates to the cloud.

As the military conflict between Ukraine and Russia nears almost four months, another war is waging - virtually.

According to cyber risk analytics expert, CyberCube, these cyber-attacks have affected multiple Ukrainian critical infrastructure, government services, banks and telecoms. The use of cyberweapons, including ‘wiper’ malware, have been fired in an attempt to lower the country’s defences and destabilise the country.

But the extremities in this cyber war – which has the potential to spill over into other countries - highlight the importance of cyber security for key digital infrastructure to prevent the risk of such attacks on organisations.

According to an IBM Security report, the average cost of a data breach in South Africa is the highest in the southern hemisphere at $3.21 million. Data breaches that have hit several South African organisations in the last months prove organisations can’t afford to let their guard down.

Building the trust
In these hyperconnected times, high security is a must for organisations on a journey to fast-track their digital transformation by investing more in shared infrastructure such as the cloud.

The adoption and interest in the public cloud have reached sky-high levels among organisations seeking to achieve economies of scale and reduce costs. Gartner expects global cloud revenue to total $474 billion in 2022, from $408 billion in 2021. South Africa is no exception to this, as more organisations are pursuing operations in the cloud.

But the cloud brings a whole new dimension. The weak links in the interconnected networks must be considered.

As Anton Chuvakin and Il-Sung Lee put in a Google Cloud blog: ‘At their core, many cloud security and cloud computing discussions ultimately distil to trust. This concept of trust is much bigger than cyber security and even bigger than a triad of security, privacy, and compliance’.

One can deduce that the level of adoption of the cloud is centred on trust. Ironically, trust in the cloud is a paradox, as the saying goes: ‘to trust cloud computing, you need to be able to trust it less’. Indeed security, compliance controls and privacy all contribute to trust in cloud computing.

Take the example of deciding between the public or private cloud. When an entity has control over its main encryption key, trust is built around that technology, leading one to believe that an on-premises environment is more trusted even though a public cloud can be immeasurably more secure.

Allowing customers to have direct control over key access is another way to enhance trust in the cloud. As noted in the Google blog, specifically by retaining control of the keys, a cloud customer gains the ability to cut off cloud data processing by preventing key access. This is again important for both actual threats and security/trust signalling.

But what about achieving cloud trust across borders? In other words, trust in the cloud provider based on the country in which they are located or under whose laws they operate? This is where trust moves outside the digital domain into a broader world. Our trust-requirement-reducing approach works here as well. If no one other than the customer has the keys, nobody can compel any third party (including a cloud provider) to reveal the keys and the sensitive data.

The bottom line of trust
Operating in the cloud has revolutionised the way organisations modernise their infrastructure. But like with all new technologies, some threats can lead to a full-blown cyberwar and incur massive costs, liabilities and reputational harm.

At the end of the day, trust in the cloud is built by the cloud provider but it is also up to organisations. They need to consider what they need and how they plan to deploy it in the early days of adoption. The bottom line is that keeping trust at the core of all decision-making will put many in a better position in the digital race.

Portia Matsena is Chief Information Officer at BankservAfrica

Quick Polls

QUESTION

A recent discussion on the ‘successful intermediary of tomorrow’ offered some tips to help financial and risk advice practices to thrive through 2022 and beyond. Which of the following do you think will give your practice an edge over the competition?

ANSWER

Achieving cost and scale through digitalisation
Offering customisable product solutions to meet customers’ unique needs
Specialising in one advice discipline only
All of the above
fanews magazine
FAnews June 2022 Get the latest issue of FAnews

This month's headlines

A free smoothie does not make a loyal customer
Consequential loss policy court cases
Everything you need to know about death, disability and severe illness cover post-emigration
Are advisers doing all they can for clients’ portfolios?
Financial advisers need help - navigating the complex ESG fund environment
Subscribe now