Cloud Native - Design, Delivery and Management of Applications

Cloud Native – Design, Delivery and Management of Applications

Going cloud native, the right way Moving from a traditional IT organization to one that’s cloud native is an inevitability for all businesses. This is because all real software innovation is now cloud-first or cloud-only, so organizations that rely on innovation to succeed – and
6 Best Practices For Increasing Security In AWS In A Zero Trust World

6 Best Practices For Increasing Security In AWS In A Zero Trust World

AWS Security Best Practices Enterprises are rapidly accelerating the pace at which they’re moving workloads to Amazon Web Services (AWS) for greater cost, scale and speed advantages. And while AWS leads all others as the enterprise public cloud platform of choice, they and all Infrastructure-as-a-Service (IaaS) providers

Living In A Post-Safe Harbor World

With the striking down of the Safe Harbor agreement in October, we have seen the tip of a data privacy iceberg whose global implications will play out well into the new year. In 2016, U.S. businesses can expect a regulatory domino effect that will occur region by region, as more governments will take steps to protect citizen data, preserve national security interests, and build legal fences to protect local businesses. These evolving rules will be determined within various governments, with different privacy concerns driving each set of regulations. It’s likely to produce more chaos before consistency.

As we close out 2015, representatives from the EU Commission and the U.S. have been working on the terms of a new data-transfer framework that will meet the EU court’s requirements. For U.S. businesses, January 31, 2016 will be when things really get interesting. That’s the deadline for the European Commission to agree on new Safe Harbor rules with the U.S. Right now, EU officials are still seeking greater clarity regarding the extent to which U.S. national security services can access European citizens’ data. If no agreement can be hammered out by this deadline, companies are will have to find an alternative to Safe Harbor or face non-compliance fines.

What does this mean for cloud providers and their customers? Consider that Europe’s General Data Protection Regulation (GDPR), legislation that is supposed to be finalized by the end of the year, will govern both data controllers (typically, companies that gather and control how data is used) and data processors (for example, cloud storage providers), no matter where they are based. The GDPR will also restrict and control how EU citizens’ personal data is shared outside the European Economic Area.

From a U.S. business perspective, the GDPR is fraught with compliance risks. The latest draft of the GDPR call for fines of up to two percent of annual revenue for companies that violate the rules, raising the distinct possibility of billion dollar penalties enforced to make examples out of organizations that continue to be careless with private data. To put this into perspective, a company like Monsanto could face fines up to $300 million, and the penalty for a company like GE could be around $2.8 billion.

Cloud structure sea change

What will all of this mean for how U.S. firms do business in the future? In 2016, we will see organizations change their approach to data transport and access. For starters, they will need to localize data policies to comply with the nations and regions where they do business, as well as where their data flows. What this means is that each geographic region will have a set of guidelines specific to handling data, as well as separate guidelines for communicating externally. This is already happening in the EU, with Germany setting more stringent data privacy rules than the rest of Europe.

data-policy

Further, organizations will also no longer be able to rely on centralized datacenters, and instead will need to rely on multiple datacenters, each subject to the specific region’s regulatory oversight. Businesses will also have to ensure that all of its cloud vendors meet the data guidelines set within each region in which it does business. We are already seeing a shift towards this model, with large providers such as Microsoft opening dedicated data centers in locations like Germany, the UK and Australia.

Making room for compliance in the C-suite

One way to handle these regulatory changes is for more private companies to add a new member to their C-suites: the Chief Privacy Officer. The CPO had historically been a role associated with government agencies, but that is changing rapidly. Any organization that collects, processes, or uses personal information across borders will need to implement information security plans to ensure that the personal data in its control is adequately protected. That’s the role of the CPO, and in 2016, it will be in high demand.

Organizations who are proactive and come up with an action plan that aligns with the new regulations will be ahead of the game. This means having end-to-end control over who accesses their data, wherever it travels. Too many companies have been standing on the sidelines, passively waiting for their vendors or the government to solve this. As we race towards the January 31, 2016 deadline, it’s becoming clear that action is needed. Some companies are moving ahead to devise a global solution without depending on the promised Safe Harbor 2.0. Others are taking interim measures such as legal boilerplate language to protect them. The high visibility of some, such as social media or cloud computing vendors, puts them at a higher risk for possible EU regulatory focus. The bottom line, however, is that the EU court decision is forcing all organizations that were part of the Safe Harbor framework to make risk-based—not just legal—decisions.

By Ron Hovsepian

Ron Hovsepian

Ron is president, chief executive and director of Intralinks, a publicly-traded provider of beyond-the-firewall collaboration technology solutions for the enterprise. Previously, Ron served as president and chief executive officer of Novell, from 2005 to 2011. He has held management and executive positions at IBM Corporation over a 17-year period, including worldwide general manager of IBM's distribution industries, manager of global hardware and software development, sales, marketing and services. Ron currently serves as a member of the board of directors of ANSYS, Inc. Follow Ron on Twitter: @RonHovsepian.

TOP ARCHIVES

Remote Patient Monitoring – One of the Most Important Applications of IoT in Healthcare

Remote Patient Monitoring – One of the Most Important Applications of IoT in Healthcare

Remote Patient Monitoring The application of IoT in Healthcare services is bringing the paradigm shift in terms of how this ...
How Blockchain Has Unexpectedly Improved Big Data Integrity

How Blockchain Has Unexpectedly Improved Big Data Integrity

Big Data Integrity Blockchain technology was developed to improve the integrity of bitcoin. However, as bitcoin became more popular, its ...
Blockchain info

How Can Blockchain-as-a-Service Help Your Business?

Blockchain-as-a-Service “Have you seen the price of Bitcoin?”, “You gotta get in on Ripple, it’s going through the roof!”, “Are we in ...
3 Steps to Better Security in the API Economy

3 Steps to Better Security in the API Economy

API Security Whenever you’re working online with the Internet, security is also a top concern. Any mistakes or lapse of ...
Best Practices in Disaster Recovery and Business Continuity

Best Practices in Disaster Recovery and Business Continuity

Best Practices in Disaster Recovery Hope for the best, prepare for the worst, and expect to be surprised. While that ...