Just because a company has chosen a reputable cloud software provider for storing data and applications doesn’t mean it can neglect information security. STEVEN COHEN, MD for Sage One Accounting AAMEA provides ten tips for keeping cloud data secure.
If you choose a credible cloud software provider, it will host your accounting or payroll applications and data in a secure data centre underpinned by world-class technology. This will free you from doing backups, buying and installing new versions of the software, and fencing your data behind high security software.
Yet that doesn’t mean you can neglect information security in your business. You’ll still be using your own devices to access the cloud, so there are some security vulnerabilities you need to take care of on your side. Here are a few ways to protect your business from data security threats.
1. Choose the right provider
Buy cloud services only from reputable software vendors and Internet service providers. These companies will have put a range of processes and policies in place to secure their infrastructure and your data from information security risks. For example, our online solution, Sage One Accounting and Sage One Payroll, is hosted with Internet Solutions, who run one of the country’s most secure data centres.
That means our clients can rest assured that their data will be secure, backed-up, and accessible – safe from hackers, weather disasters, theft, Eskom and all the other challenges you need to manage if you run the software on your own computers.
2. Educate your end-users
Educate your end-users about the basics of information security – for example, make sure they know why they need to choose strong passwords and that they’re alert to the dangers of phishing emails designed to persuade them to give their log-in details to people with criminal intentions.
3. Install antimalware software
You should install antivirus and antimalware software on your laptops and desktop computers, and then keep it up to date with the latest definitions. This will help to protect you from malicious software programs such as Trojans and keyloggers. Such software can be used to steal information such as your log-ins for online banking or cloud applications.
4. Enforce strong passwords
Cloud services can usually be accessed through any device connected to the public network. You will authenticate yourself to the service with a username and password. Protect yourself by choosing a strong password that is difficult to guess, but easy for you to remember. It is just as important to change your password periodically. You must also take care not to let your password fall into the wrong hands.
5. Get serious about mobile security
It’s great that you can access your accounting software or payroll through your smartphone or tablet, but there’s also a risk attached to this. If you save your passwords on the device, anyone who steals your device or finds it if you lose it will be able to access your information.
Thus, be sure to lock your device behind a PIN code or password when not in use. Also, most mobile devices today allow you to track their location or remotely wipe data. It’s a good idea to enable this functionality just in case the device goes missing.
6. Keep software up to date with security patches
When it comes to desktops and notebooks, be sure to keep your operating systems and browsers up to date with the latest security patches. These close off known vulnerabilities in the software, making your computer more secure.
7. Apply two-step verification
Where your cloud provider allows it, enable two-factor authentication. For example, you could set your account up to ask for a code sent to you by SMS when you log in or use a fingerprint in addition to a password. Thus, even if someone steals or guesses your password, they won’t be able to access your sensitive data.
8. Be careful about where you log into cloud services
If you sometimes log into your cloud applications using public, borrowed or shared computers, make sure that you opt to not save your password and ensure you log out of your account after you are done. Also, if you’re working with particularly sensitive data, be aware that public wireless networks are usually not secure.
9. Keep your passwords secret
Look after your passwords. Don’t keep them in an easily accessible file on your computer or scribble them on sticky notes that you paste on your screen where everyone can see them.
10. Check the security certificate
Get in the habit of checking that any cloud sites you use have a security certificate in place. The certificate should be valid for the vendor providing the cloud service, should not be expired, and must be issued by a reputable certificate company.
On Sage One Accounting or Sage One Payroll, data is encrypted and utilises a Verisign security certificate. This certificate is fully authenticated and verified, encrypting your data with up to 256-bit encryption (browser dependent).
Gadget goes to Hollywood
Gadget visited the Netflix studios last week. In the first of a series, ARTHUR GOLDSTUCK talks to CEO Reed Hastings.
Netflix CEO Reed Hastings is no stranger to Africa. He has travelled throughout South Africa, taught maths in Swaziland for two years with the Peace Corps, and visits close family in Maputo. As a result, he is keenly aware of the South African entertainment and connectivity landscape.
In an exclusive interview at the Netflix studios in Hollywood, Los Angeles, last week, he revealed that Netflix had no intentions of challenging MultiChoice’s dominance of live sports broadcasting on the continent.
“Other firms will do sport and news; we are trying to focus on movies and TV shows,” he said. “There are a lot of areas that are video that we are not doing: sports, news, video gaming, user-generated content. We don’t have live sport.
“We’re not replacing MultiChoice at all. Their subscriber growth is steady in South Africa. They serve a need that’s independent of the Internet, via low-price satellite. There is no intention of capturing that audience. If they’re growing, it’s because they serve a need.”
While Reed ruled out any collaboration with MultiChoice on its satellite delivery platform, despite its collaboration with another pay-TV service, Sky TV in the United Kingdom, he did not close the door. He stressed that Netflix saw itself as an Internet-based service, and would pursue the opportunities offered by evolving broadband in Africa.
“If you look in other markets like the USA, how Comcast carries us on set-top boxes with their other services, it could happen with MultiChoice, the same as with all the pay-TV providers.
“We’re really focused on being a service over the Internet and not over satellite. Our service doesn’t work on satellite. Where we work with Sky is on Internet-connected devices. We’re happy to work on Internet-connected devices. We tend to work on smart TVs, but need broadband Internet for that.
“Broadband is getting faster in Nigeria, Tanzania, Kenya and South Africa – we can see the positive trendlines – so it’s more likely we will work with broadband Internet companies.”
Hastings is a firm believer in the idea that one content provider’s success does not depend on pushing another down.
“HBO has grown at the same time as we have, so can see our success doesn’t determine their success. What matters is amazing content with which the world falls in love.”
Click here to read about Netflix’s international expansion, and how the streaming service selects content for its platform.
Take these 5 steps to digital
By MARK WALKER, Associate Vice President for Sub-Saharan Africa at IDC Middle East, Africa and Turkey.
Digital transformation isn’t a buzz word because it sounds nice and looks good on the business CV. It is fundamental to long-term business success. IDC anticipates that 75% of enterprises will be on the path to digital transformation by 2027.
However, digital transformation is not a process that ticks a box and moves to the next item on the agenda – it is defined by the organisation’s shift towards a digitally empowered infrastructure and employee. It is an evolution across system, infrastructure, process, individual and leadership and should follow clear pathways to ensure sustainable success.
The nature of the enterprise has changed completely with the influence of digital, cloud and the Fourth Industrial Revolution (4IR), and success is reliant on strategic change.
There is a lot more ownership and transparency throughout the organisation and there is a responsibility that comes with that – employees want access to information, there has to be speed in knowledge, transactions and engagement,” he adds. “To ensure that the organisation evolves alongside digital and demand, it has to follow five very clear pathways to long-term, achievable success.
The first of these is to evaluate where the enterprise sits right now in terms of its digital journey. This will differ by organisation size and industry, as well as its reliance on technology. A smaller organisation that only needs a basic accounting function or the internet for email will have far different considerations to a small organisation that requires high-end technology to manage hedge funds or drive cloud solutions. The same comparisons apply to the enterprise-level organisation. The mining sector will have a completely different sub-set of technology requirements and infrastructure limitations to the retail or finance sectors.
Ultimately, every organisation, regardless of size or industry, is reliant on technology to grow or deliver customer service, but their digital transformation requirements are different. To ensure that investment into artificial intelligence (AI), machine learning, knowledge engines, automation and connectivity are accurately placed within the business and know exactly where the business is going.
The second step is to examine what the business wants to achieve. Again, the goals of the organisation over the long and short term will be entirely sector dependent, but it is essential that it examine what the competitive environment looks like and what influences customer expectations. This understanding will allow for the business to hone its digital requirements accordingly.
The third step is to match expectations to reality. You need to see how you can move your digital transformation strategy forward and what areas require prioritisation, what funding models will support your digital aspirations, and how this tie into what the market wants. Ultimately, every step of the process has to be prioritised to ensure
The fourth step is to look at the operational side of the process. This is as critical as any other aspect of the transformation strategy as it maps budget to skills to infrastructure in such a way as to ensure that any project delivers return on investment. Budget and funding are always top of mind when it comes to digital transformation – these are understandably key issues for the business. How will it benefit from the investment? How will it influence the customer experience? What impact will this have on the ongoing bottom line? These questions tie neatly into the fifth step in the process – the feedback loop.
This is often the forgotten step, but it is the most important. The feedback loop is critical to ensuring that the digital transformation process is achieving the right results, that the right metrics are in place, and that the needle is moving in the right direction. It is within this feedback loop that the organisation can consistently refine the process to ensure that it moves to each successive step with the right metrics in place.
There is also one final element that every organisation should have in place throughout its digital evolution. An element that many overlook – engagement. There must be a real desire to change, from the top of the organisation right down to the bottom, and an understanding of what it means to undertake this change and why it is essential. This is why this will be a key discussion at the 2019 IDC South Africa CIO Summit taking place in April this year. With this in place, the five steps to digital transformation will make sense and deliver the right results.