As a result, growing amounts of sensitive customer (and company) data is stored on the cloud, and there is evidence to suggest that many organisations are still struggling to secure their clouds. Six months into 2018, some spectacular breaches had occurred, with the most significant being the personal information of all 1.1 billion citizens registered in India. Locally, the most significant case has probably been the breach at Liberty Holdings in January. Such breaches are increasingly common.
A complicating factor is that businesses often operate across more than one cloud, such as AWS and Azure, each having differing security protocols to grapple with.
Worse, many appear to be reluctant to even address the issue at hand. The 2018 Global Cloud Data Security Study, conducted by the Ponemon Institute on behalf of Gemalto, shows that a third of respondents (34 percent) believe that it’s the customer’s responsibility to secure their data in the cloud, whereas two thirds (62 percent) of customers actually hold businesses responsible. With less than half (46 percent) of businesses clearly defining roles and accountability for securing confidential or sensitive information in the cloud, it’s clear many are struggling to get their houses in order.
Taking responsibility for cloud security
In a growing number of countries, the legal responsibility for safeguarding customer data, no matter where it is housed, is unambiguously allocated to the company or organisation. The General Data Protection Regulation (GDPR) in the European Union and the Protection of Personal Information (PoPI) Act in South Africa are just two examples of this growing international trend. Organisations, and ultimately their boards, found to be taking insufficient steps to secure the data will be subject to fines and legal repercussions.
So, what can organisations do to avoid falling foul of both regulators and customers?
The key ingredient is leadership. While cloud services themselves are generally secure, the task of configuring and using them securely is often left to organisation’s IT leaders, development teams, or even business line managers. However, confusion surrounding who should implement cloud security has created challenges. Organisations must now take full ownership of the security within their clouds. A figure, such as a CISO, must be appointed to the board of a business to educate other C-level executives on the importance of data security and take responsibility for the data in the event of a breach. This ensures the business has buy-in from the board, can communicate a cloud security strategy widely, and educate staff about good cyber hygiene, thus minimising internal risks.
Once a central figure has been appointed to the board, he or she must set about ensuring that the cloud is protected. Below are five steps to help with this.
Five steps to cloud security
- Understand where the data is
Before implementing any cybersecurity strategy, businesses must first conduct a data audit. This helps them understand what data they have collected or produced and where the most sensitive and valuable parts sit. If businesses don’t know what data they possess and produce, they can’t even begin to start protecting it.
2. All sensitive data must be encrypted
While it’s crucial that businesses restrict who can access sensitive data, it’s encryption that protects data in the event of a breach. Regardless of where data is – on their own servers, in a public cloud, or a hybrid environment – encryption must always be used to protect it.
3. Securely store keys
When data is encrypted, an encryption key is created to unlock and access encrypted data. Consequently, businesses must ensure that these keys are securely stored away from the cloud. Storing a physical key offsite helps ensure it can’t be linked to any encrypted data in the cloud.
4. Introduce two-factor authentication
Next, businesses should adopt strong two-factor authentication, to ensure only authorised employees have access to the data they need to use. Two-factor authentication involves using something authorised individuals possesses, such as a smartphone that can receive a message, and something they know, like a password. This is more secure than relying on passwords alone, which can be easily hacked.
- Always install latest patches
As bugs and vulnerabilities emerge, hardware and software vendors constantly issue patches. However, many businesses don’t install patches quickly enough or use software which no longer receives regular patches. Figures from Net Applications show that one in 10 organisations still use Windows XP, despite patches being discontinued. It is imperative that businesses install patches as they become available, to avoid becoming easy targets for hackers.
- Evaluate and repeat
Once a business has implemented the above steps, it’s crucial that each step is repeated for all new data that enters its system. Cybersecurity and legal compliance are a continuing process, not an event. These steps will ultimately help make businesses unattractive or unviable targets for attackers as even in the event of a breach they won’t be able to use, steal or hold their data for ransom.
With businesses now footing the bill, reputationally and financially, for any data breach, it’s never been more important for them to take full ownership of the data they hold.
Cape Town not so calm – if you’re a driver
Cape Town drivers lose on average 162 hours a year to traffic jams, so will need some tech and a few tips to stay calm
Cape Town drivers lose, on average, 162 hours a year stuck in traffic jams, and the city is ranked 95th out of around 200 cities, across 38 countries surveyed globally, in terms of congestion issues.
That’s according to the latest INRIX 2018 Global Traffic Scorecard, which is an annual analysis of mobility and congestion trends. The study provides a data-rich evaluation of information collected during peak (slowest) travel times, and inter peak (fastest point between morning and afternoon commutes) travel times. Together they provide a holistic account of congestion throughout the day, delivering in-depth insights for vehicle drivers and policy-makers to make better decisions regarding urban travel and traffic health.
Of the further five South African cities surveyed:
- Pretoria drivers lose, on average, 143 hours a year stuck in traffic jams, ranking as the 64thmost congested city
- Johannesburg drivers lose an average of 119 hours annually, ranking 61st
- Durban drivers lose 72 hours, ranking 141st
- Port Elizabeth drivers lose 71 hours, ranking 75th
- And Bloemfontein drivers lose 62 hours, ranking 165th
If these hours sound horrific, spare a thought for the poor drivers in Colombia’s capital city of Bogotá who lose, on average, a whopping 272 hours a year stuck in traffic jams!
On average, drivers’ commutes increase by roughly 30% during peak versus inter-peak hours. And the reality is that congestion issues aren’t going away anytime soon. Not here in SA, or anywhere else in the world. So what can we, as drivers, do to make the situation easier to cope with on our daily commute?
Change of mindset
Stressing about the unavoidable, the inevitable, and all the things that are out of our control – like congestion caused by accidents, faulty street lights, or bad weather – is a waste of energy. We should try finding ways of using that time in our cars more productively, to create a less tense, more positive experience. Learning to change our perspective about this challenging time, and associating it with something enjoyable, can drastically alter our reaction to and engagement with it. Rather than expending all our energy on futile anger and frustration, we can channel our focus on things that relax or energise us instead.
Just one more chapter
Being stuck in traffic usually aggravates us because it feels like a huge waste of valuable time. But like a wise man once said, time you enjoy wasting is not wasted time. Listening to a podcast or audiobook can not only be entertaining, but also educational, which is a brilliant use of your time. Ifyou think of your car as a ‘learning lab’, a mobile university of sorts, and your time spent inside as away to exercise your brain and grow intellectually, you may even find yourself wishing for bad traffic so you have an excuse to carry on listening to your podcast or audiobook.
Tame your inner Hulk
Pulling up a playlist of your favourite, feel-good songs can do wonders to combat stress levels. Downbeat music has been proven to have a mellowing effect on drivers. Making a quick switch to downbeat music shows measurable physiological improvements, with drivers calming down much sooner, and making fewer driving mistakes. So the next time you feel your inner Hulk emerging, crank up the volume on your favourite tunes.
The power of ‘caromatherapy’
There are numerous studies on aromas and their impact on human emotion, behaviour, and performance. Researchers have found that peppermint can enhance mental and athletic performance and cognitive functioning, while cinnamon may improve tasks related to attentional processes and visual-motor response speed. A study from Kyoto University in Japan revealed that participants reported significantly lower hostility and depression scores, and felt more relaxed after awalk through a pine forest. It makes sense then, to incorporate some ‘caromatherapy’ into our lives. There are plenty of off-the-shelf car diffusers available, or you could add a few drops of essential oil to DIY felt air fresheners. Citrus scents like orange or lemon can provide a boost of energy, while rosemary can relieve stress and anxiety. Take care not to hang anything that might obstruct your field of vision though, and always make sure to test out essential oils at home first, in case a scent makes you dizzy or overly relaxed, which could affect driving focus.
Contemplate your navel
The mind is a powerful thing, and simply willing yourself to relax might be the most effective method of all. While we don’t recommend meditating while driving due to safety reasons, breathing exercises can help you stay focused and feeling calm. One useful practice is the one-to-one technique – breathing in and out for the same count with the same intensity. Deep, measured breaths facilitate full oxygen exchange, helping to slow down the rate of your heartbeat and stabilise blood pressure, as opposed to shallow breathing, which doesn’t send enough air to the lowest part of your lungs, causing you to feel anxious and short of breath. Just always keep your eyes on the road, and take care to ensure you’re not so busy counting breaths that your concentration is compromised.
Not all those who wander are lost
Some of our best ideas come in those moments where we’re alone with our own thoughts, able to really reflect on the ideas we have without having something immediate that needs our attention. Allow your mind to wander, and do a little brainstorming. Alternatively, use the time to simply day dream. Remember, downtime is not dead time. It is both necessary, and important for your mental health. Use this time as an opportunity to take care of yourself.
In-built vehicle tech
“As we spend more and more time commuting, cars are being designed to accommodate longer periods behind the wheel,” says Kuda Takura, smart mobility specialist at Ford Motor Company of Southern Africa. “Ford uses human-centric design to deliver vehicles that are inviting, accommodating, and intuitive. For example, our SYNCT infotainment system offers nifty, hands-free functions, like allowing drivers to listen to their texts, change music or climate settings, and make phone calls easily with voice control. Our range of driver-assist technologies, like Adaptive Cruise Control, Pre-Collision Assist with Pedestrian Detection and Semi-Auto Active Park Assist, are also designed to take some of the stress off city driving. If our lifestyle means that we might be spending more time in our cars than we do on holiday, then we should make sure we make the most of that time.”
Vodacom exits Africa biz services
Vodacom Group has sold Vodacom Business Africa’s operations in Nigeria, Zambia and Cote d’Ivoire to Andile Ngcaba’s Synergy Communications. The two entities are in the process of concluding the acquisitions, which are subject to the approval of the regulatory authorities within these markets.
Vodacom says the transaction supports the Group’s enterprise strategy in Africa, which has been refocused to grow and strengthen its core business. It will no longer directly service global enterprise customers in these three markets but will rather continue to operate as a pan African telecommunications networks provider through local relationships, like the one with Synergy Communications.
This acquisition represents a significant milestone in Synergy Communication’s quest to be a leading provider of cloud and digitally based services in key markets across sub-Saharan Africa and provides key additional assets in its build out of a regional footprint. Synergy Communications currently has operations in Botswana, Malawi and Mozambique.
Andile Ngcaba, Chairman of Synergy Communications said: “This is an exciting landmark transaction for Synergy Communications, providing us with additional momentum in the delivery of our strategy as a pan-African enterprise digital Services Provider. Synergy Communications will partner with major global cloud providers and deliver platform-based services to both multi-nationals and local enterprises.”
Shameel Joosub, CEO of Vodacom Group, said: “Vodacom has a clear vision for strengthening our position as a leading pan-African business and will work with local service providers like Synergy Communications to grow in these markets. Crucially, Vodacom is not exiting any of the territories related to this transaction and remains focused on continuing to deliver exceptional service to our global and multinational clients in these markets through long-term commercial agreements.
“To support the sustainable growth of pan African digital economies and building connected societies, Vodacom will, via local service providers, continue to service clients in each market. We seek to leverage the collective strengths of Vodacom and Synergy Communications to meet the changing requirements of clients across each of these markets.”