Sections

To Cloud Or Not To Cloud: That Is The Compliance Question

Daniel Newman

Some companies have embraced cloud technology with open arms, while others approach it with extreme wariness—understandably so, since for industries that handle sensitive data, cloud security risks could spell disaster. However, fear of the cloud often comes from a lack of information rather than actual risk.

Companies today have the opportunity to use public, private, and hybrid cloud options, yet many technology leaders continue to vacillate in their cloud approach. Some still favor legacy solutions, even though they run slower and cost more. Others only use public or private cloud solutions minimally, and haven’t yet explored the possibility of hybrid solutions.

The possibilities of hybrid cloud

A hybrid cloud setup offers companies the greatest flexibility yet. If you have sensitive data, you can still use traditional networking for data storage while running some enterprise applications through a public or private cloud. The solution allows companies to set up a customized cloud structure that makes sense on every level.

The risk versus the reward  

Companies that look at the full threat landscape understand the potential risk of cloud solutions. While it will always carry a certain level of risk, lost devices, human error, and other types of breaches often represent a higher risk of vulnerability than a cloud solution. Furthermore, third-party companies often run private, public, and hybrid cloud solutions. Your security is in a vendor’s best interest. Without strong security protocols and continual updates, they could lose clients and their reputation in the industry.

All organizations in every industry are moving to the cloud. They may not house everything there, but they use it to some extent. Companies that fail to explore the possibilities today may not keep up with the changing digital needs of their target markets down the road. 2016 is the right time to explore a cloud migration.

Compliance and security: Hybrid cloud in tough verticals

Some industries must consider regulatory requirements before moving their enterprise applications and data into a cloud solution. Healthcare, government, and the finance industry all represent fields with data sensitivity concerns. Luckily, many vendors and a government program called FedRAMP now offer highly secure and customizable hybrid cloud solutions so certain industries can maintain compliance while continuing to transition to the cloud.

FedRAMP, healthcare, and government agencies. FedRAMP (Federal Risk and Authorization Management Program) is a program that standardizes security for cloud solutions. Companies that offer authorized FedRAMP security with their cloud solutions meet the security requirements sensitive industries can use to safely move their data and solutions into the cloud. Amazon, Windows, and IBM all offer FedRAMP cloud solutions for government agencies and other organizations.

The finance sector. Major banks, lenders, and other financial institutions—all heavily regulated—have discovered that the benefits of cloud migration outweighs the risks. They can work faster with less downtime and more comprehensive data management in the cloud, than in any traditional solutions provided. Plus, moving to the cloud is incredibly cost-effective. Hybrid solutions benefit internal operations, but more importantly, they benefit the customer.

Choosing a hybrid cloud provider 

Hybrid cloud solutions are scalable, so companies can use them on a small scale before they roll out a comprehensive solution at the enterprise level. Companies that still harbor reservations may find this type of approach more digestible. If you’re interested in seeing what the hybrid cloud can do for you, learn more about your compliance requirements. A cloud vendor that readily understands the regulatory constraints you face will know how to recommend a hybrid solution that allows you to create a secure solution.

When you adopt cloud solutions, they will offer more flexibility, faster transmission speeds, and enhanced productivity. Look for solutions that can support your needs today, as well as projects for the future of your industry. Explore how moving to the cloud will change device policies, IoT acceptance, and remote worker capabilities. A hybrid cloud investment will not only benefit your company today, it will also drive progress tomorrow.

 

This post was brought to you by IBM Global Technology Services. For more content like this, visit Point B and Beyond 

Photo Credit: iebschool via Compfight cc

The post To Cloud or Not to Cloud: That is the Compliance Question appeared first on Millennial CEO.

Comments

About Daniel Newman

Daniel Newman serves as the Co-Founder and CEO of EC3, a quickly growing hosted IT and Communication service provider. Prior to this role Daniel has held several prominent leadership roles including serving as CEO of United Visual. Parent company to United Visual Systems, United Visual Productions, and United GlobalComm; a family of companies focused on Visual Communications and Audio Visual Technologies. Daniel is also widely published and active in the Social Media Community. He is the Author of Amazon Best Selling Business Book "The Millennial CEO." Daniel also Co-Founded the Global online Community 12 Most and was recognized by the Huffington Post as one of the 100 Business and Leadership Accounts to Follow on Twitter. Newman is an Adjunct Professor of Management at North Central College. He attained his undergraduate degree in Marketing at Northern Illinois University and an Executive MBA from North Central College in Naperville, IL. Newman currently resides in Aurora, Illinois with his wife (Lisa) and his two daughters (Hailey 9, Avery 5). A Chicago native all of his life, Newman is an avid golfer, a fitness fan, and a classically trained pianist

BlockShow Europe 2017: A Look At Top Use Cases For Blockchain Technology

Jacqueline Prause

With people now looking beyond the banking industry for promising use cases built on blockchain technology, BlockShow Europe 2017 could not have come at a better time.

Held April 6-7 at the Alte Kongresshalle in Munich, Germany, the event attracted more than 560 people and featured 26 speakers, making it the largest international blockchain event in Europe to date. Organized by Cointelegraph in partnership with Nexussquared and BlockPay, BlockShow Europe provided ample opportunity for networking, knowledge sharing, and education.

The event attracted a mostly young, entrepreneurial crowd, many of whom were already working in established Bitcoin and blockchain startups. Innovation experts from the corporate sector were also on hand, as well as “explorers” who were just getting familiar with the technology. According to Cointelegraph, more than 200 individual networking meetings took place during the event.

Notable and quotable

Moderator Elizabeth Lumely, a leading expert on fintech solutions and managing director of Rainmaking, guided the program in a constructive exchange that offered information useful to both Bitcoin and blockchain people alike. She shared the results of a recent survey by Cointelegraph that asked: What is necessary for blockchain in the enterprise? Fifty-seven percent of respondents answered “security first for Bitcoin,” while 43% answered “smart contract Ethereum.”

Bitcoin entrepreneur Charlie Shrem presented the opening keynote, “The Current State of the Blockchain.” During his address, Shrem, founder of the Bitcoin Foundation and currently responsible for business development for cryptocurrency exchange Changelly, compared blockchain technology with the power of the printing press for its potential to remove corruption, power, and control from the hands of the few and put it back into the hands of the people. Shrem said, “The printing press gave people the ability to publish their own information very cheaply across borders around the world and distribute it in a decentralized way. Bitcoin is the printing press of our time. And blockchain technology is what’s powering that.”

Trust: the decisive factor

Panel discussions took on provocative hot topics like the challenges of blockchain implementation and initial coin offerings (ICOs) of cryptocurrencies. Panel experts agreed that blockchain technology is good for solving issues of trust, which they said seems to be the best measure for evaluating the promise of use cases. The blockchain community, however, is faced with challenges common to new technologies: lack of standardization; fee structure; interoperability between different blockchains; and absence of relevant legislation. One hurdle for new users of the technology may be a willingness to accept full responsibility for their data and use of the technology. As one panelist noted, there is no blockchain help line, for example, in the event that you lose your privacy key.

The banking industry was represented with a keynote from Daniel Drummer, vice president at JP Morgan, describing the blockchain-related projects underway at his company. In another keynote that resonated well with the audience, Milan Sallaba, partner at Deloitte, shared his organization’s insights and advice on how entrepreneurs can move from blockchain use cases to scalable production.

Use cases showcase breadth of new technology

Throughout the day, startups took to the main stage to present their blockchain use cases and business models. Here is a sampling of just a few.

  • Energy: The aim of SolarChange is to incentivize people and even developing nations to produce solar energy and sell it back into the grid. The blockchain billing mechanism allows people to track how much energy they are feeding into the grid.
  • Content distribution: DECENT provides a peer-to-peer content distribution network, without the absorbent fees associated with traditional publishing houses. Content on the network includes books, blogs, music, and video provided directly from the artist or author. DECENT’s Caesar testnet launched in March, and it plans to launch its mainnet in June.
  • Supply chain: Kouvala Innovation Oy, based in Finland, is using blockchain technology to enable an information backbone for the movement of goods Europe-wide – or the “Internet for Logistics” – so that every logistics company on the network can benefit from a new level of transparency into shipping activities. Test results with live data are expected at end of June.
  • Intellectual property: Bernstein.io is using blockchain-based, secured digital certificates to create a trail of record for inventors’ creations. Digital certificates can also be attached to non-disclosure confidentiality agreements to establish the existence of a creation and record who knew of it. Legal acceptance of blockchain certificates is developing rapidly because they provide reliable documentation for clients.
  • Fine art: Verisart is a startup that is using blockchain technology to provide verification of authenticity for fine art.

Blockchain Oscars: more use cases!

The event also featured a Blockchain Oscar Competition to select the most promising startups working with blockchain technology. The winner for “Most Innovative Blockchain Startup” was Etherisc, a German startup specializing in providing a blockchain solution for the insurance industry that uses smart contracts. The prize in this category was €5,000 worth of Bitcoins.  The winner for “Startup with the Biggest Potential for Betterment of Humanity” was SolarChange. The prize in this category was €5,000 worth of tokens from Humaniq, a next-generation bank offering solutions for the unbanked.

To learn more about blockchain, read the Forbes Insights Briefing Report: Transforming Transaction Processing for the Digital Economy.

Comments

About Jacqueline Prause

Jacqueline Prause is the Senior Managing Editor of Media Channels at SAP. She writes, edits, and coordinates journalistic content for SAP.info, SAP's global online news magazine for customers, partners, and business influencers .

Supply Chain Risk Managers Must Be Fuzzy, Or Fail

Susan Galer

I’ve been eager for the chance to inject the fashionable word “fraught” into one of my blogs for a while, and a recent conversation about supply chain risk presented the ideal opportunity.

During an exclusive roundtable at the SAP Ariba Live 2017 event in Las Vegas entitled “Managing Risk in Your Supplier Engagements,” three experts talked about how companies can prevent the worst from happening in a world fraught with stuff that can go wrong.

Their message was that companies can use advanced technologies like machine learning and predictive analytics to neutralize the impact of natural disasters, global currency fluctuations, and labor strikes, more easily ensure compliance with increasing regulations, and even address evils like forced and slave labor in their supply chain ─ but only if all that tech is backed by a corporate commitment to do good.

Cognitive computing changes the game for risk managers

Investigators and risk managers require both data transparency and context, something Padmini Ranganathan, vice president, products & innovation at SAP Ariba, said is foundational to how the SAP Ariba network of buyers and sellers operates. Dan Adamson, CEO of OutsideIQ, an SAP Ariba partner, discussed his company’s cognitive computing platform, which, together with SAP Ariba, changes the game.

Ranganathan noted that advanced technologies can help companies make sure they have the right data at the right time in the right place, and with the right person able to act. “When your supplier is tripping up somewhere, you need to be there to catch it,” he advised. “Technology is a very powerful tool with the ability to machine learn and pattern match to find out what’s going on.”

“Until now, machines have been great at combing through vast amounts of data but not providing context,” he added. “We bring in the right data and apply the first layer of context to make sure it’s a risk you would care about. How you deal with it is another level of context. We’ll see an evolution because some of your suppliers, depending on your industry, might have a heavy regulatory slant, and you need to treat them differently. Our layers of cognitive computing help filter out the noise and bring the relevant events to bear.”

Outside IQ conducts research far beyond simple watch list monitoring. “We go deeper with our cognitive process, replicating what a researcher would do, looking for patterns and links,” Ranganathan continued. “What might be clean today may have a news report tomorrow. Companies need to know before something becomes an explosive issue. The power SAP Ariba brings in is the whole layer of scoring indicators with relationship insights.”

Purpose-driven supply chain

James Edward Johnson, director of supply risk and analytics at Nielsen, said companies have a shared responsibility in managing supply chains for the greater good. The SAP Ariba network helps Nielsen conduct due diligence at scale faster and more cost-efficiently.

“World development has made some people richer and left a lot of people behind,” Johnson noted. “Because we’re so active in the supply chain, we actually touch millions of lives. How do you make sure that’s a force for good, that when you negotiate deals your push for price isn’t merely favoring companies that will cut corners, abuse their workers, enslave people, or rip up the environment by dumping chemicals into lakes?

“SAP Ariba is a great platform because it’s to a degree, data-neutral. A group like Outside IQ will find and read documents from everywhere in the world. If we can find and solve problems in our supply chain, we can make a difference in the world.”

Forget focus, follow the arc to uncover bad behavior

Responding to an audience member question, Johnson cautioned against zeroing in on risks.

“The moment you start focusing, you’re going to fail to capture risk, which is about seeing the unseen,” he said. “Sometimes your peripheral vision is more effective than your central vision. This is the arc of whatever risk you’re looking at. For example, I can guarantee financial indicators are a good leading indicator. The moment a company starts to fail at meeting their numbers, they’ll start taking risks. The question is where those risks materialize. You have look at other things that might provoke bad behavior.”

Every risk manager should be willing to say, “The answer I just gave you is wrong.”

Make data actionable, but accept fuzziness

These experts agreed that people need to factor risk indicators into contract negotiations while recognizing the level of uncertainty inherent to all kinds of data.

“Everyone in risk management should be willing to say ‘the answer I just gave you is wrong’ – the question is by how much and in what direction,” said Johnson. “Too often people are called on to give specific answers they can hang their hat on. That might teach people to manipulate the data or give people who are politically capable an advantage over people who are technically capable, so you might end up promoting people who are better at talking.”

Machine learning promises to strip out biases like recency and sample selection to give decision makers greater objectivity in understanding actual and potential risks and how to address them. “We should have science-based answers, we should have the data, and we should be able to know how well we know what we say we know,” said Johnson.

For more supply chain risk management strategies, see Managing Third-Party Risk Through Verified Trust.

Follow me: @smgaler

Comments

The Future of Cybersecurity: Trust as Competitive Advantage

Justin Somaini and Dan Wellers

 

The cost of data breaches will reach US$2.1 trillion globally by 2019—nearly four times the cost in 2015.

Cyberattacks could cost up to $90 trillion in net global economic benefits by 2030 if cybersecurity doesn’t keep pace with growing threat levels.

Cyber insurance premiums could increase tenfold to $20 billion annually by 2025.

Cyberattacks are one of the top 10 global risks of highest concern for the next decade.


Companies are collaborating with a wider network of partners, embracing distributed systems, and meeting new demands for 24/7 operations.

But the bad guys are sharing intelligence, harnessing emerging technologies, and working round the clock as well—and companies are giving them plenty of weaknesses to exploit.

  • 33% of companies today are prepared to prevent a worst-case attack.
  • 25% treat cyber risk as a significant corporate risk.
  • 80% fail to assess their customers and suppliers for cyber risk.

The ROI of Zero Trust

Perimeter security will not be enough. As interconnectivity increases so will the adoption of zero-trust networks, which place controls around data assets and increases visibility into how they are used across the digital ecosystem.


A Layered Approach

Companies that embrace trust as a competitive advantage will build robust security on three core tenets:

  • Prevention: Evolving defensive strategies from security policies and educational approaches to access controls
  • Detection: Deploying effective systems for the timely detection and notification of intrusions
  • Reaction: Implementing incident response plans similar to those for other disaster recovery scenarios

They’ll build security into their digital ecosystems at three levels:

  1. Secure products. Security in all applications to protect data and transactions
  2. Secure operations. Hardened systems, patch management, security monitoring, end-to-end incident handling, and a comprehensive cloud-operations security framework
  3. Secure companies. A security-aware workforce, end-to-end physical security, and a thorough business continuity framework

Against Digital Armageddon

Experts warn that the worst-case scenario is a state of perpetual cybercrime and cyber warfare, vulnerable critical infrastructure, and trillions of dollars in losses. A collaborative approach will be critical to combatting this persistent global threat with implications not just for corporate and personal data but also strategy, supply chains, products, and physical operations.


Download the executive brief The Future of Cybersecurity: Trust as Competitive Advantage.


Comments

Tags:

How Digital Transformation Is Rewriting Business Models

Ginger Shimp

Everybody knows someone who has a stack of 3½-inch floppies in a desk drawer “just in case we may need them someday.” While that might be amusing, the truth is that relatively few people are confident that they’re making satisfactory progress on their digital journey. The boundaries between the digital and physical worlds continue to blur — with profound implications for the way we do business. Virtually every industry and every enterprise feels the effects of this ongoing digital transformation, whether from its own initiative or due to pressure from competitors.

What is digital transformation? It’s the wholesale reimagining and reinvention of how businesses operate, enabled by today’s advanced technology. Businesses have always changed with the times, but the confluence of technologies such as mobile, cloud, social, and Big Data analytics has accelerated the pace at which today’s businesses are evolving — and the degree to which they transform the way they innovate, operate, and serve customers.

The process of digital transformation began decades ago. Think back to how word processing fundamentally changed the way we write, or how email transformed the way we communicate. However, the scale of transformation currently underway is drastically more significant, with dramatically higher stakes. For some businesses, digital transformation is a disruptive force that leaves them playing catch-up. For others, it opens to door to unparalleled opportunities.

Upending traditional business models

To understand how the businesses that embrace digital transformation can ultimately benefit, it helps to look at the changes in business models currently in process.

Some of the more prominent examples include:

  • A focus on outcome-based models — Open the door to business value to customers as determined by the outcome or impact on the customer’s business.
  • Expansion into new industries and markets — Extend the business’ reach virtually anywhere — beyond strictly defined customer demographics, physical locations, and traditional market segments.
  • Pervasive digitization of products and services — Accelerate the way products and services are conceived, designed, and delivered with no barriers between customers and the businesses that serve them.
  • Ecosystem competition — Create a more compelling value proposition in new markets through connections with other companies to enhance the value available to the customer.
  • Access a shared economy — Realize more value from underutilized sources by extending access to other business entities and customers — with the ability to access the resources of others.
  • Realize value from digital platforms — Monetize the inherent, previously untapped value of customer relationships to improve customer experiences, collaborate more effectively with partners, and drive ongoing innovation in products and services,

In other words, the time-tested assumptions about how to identify customers, develop and market products and services, and manage organizations may no longer apply. Every aspect of business operations — from forecasting demand to sourcing materials to recruiting and training staff to balancing the books — is subject to this wave of reinvention.

The question is not if, but when

These new models aren’t predictions of what could happen. They’re already realities for innovative, fast-moving companies across the globe. In this environment, playing the role of late adopter can put a business at a serious disadvantage. Ready or not, digital transformation is coming — and it’s coming fast.

Is your company ready for this sea of change in business models? At SAP, we’ve helped thousands of organizations embrace digital transformation — and turn the threat of disruption into new opportunities for innovation and growth. We’d relish the opportunity to do the same for you. Our Digital Readiness Assessment can help you see where you are in the journey and map out the next steps you’ll need to take.

Up next I’ll discuss the impact of digital transformation on processes and work. Until then, you can read more on how digital transformation is impacting your industry.

Comments

About Ginger Shimp

With more than 20 years’ experience in marketing, Ginger Shimp has been with SAP since 2004. She has won numerous awards and honors at SAP, including being designated “Top Talent” for two consecutive years. Not only is she a Professional Certified Marketer with the American Marketing Association, but she's also earned her Connoisseur's Certificate in California Reds from the Chicago Wine School. She holds a bachelor's degree in journalism from the University of San Francisco, and an MBA in marketing and managerial economics from the Kellogg Graduate School of Management at Northwestern University. Personally, Ginger is the proud mother of a precocious son and happy wife of one of YouTube's 10 EDU Gurus, Ed Shimp.