Personalization, the killer user engagement feature, is built on trust and data security. User data, displayed on websites and available through secure APIs, is the new pivot for enterprise IT that will drive the evolution of security practices and customer engagement in 2015 and beyond.
However, in an age of increasing security issues, it’s crucial that companies safeguard user data. Looking to protect sensitive information while providing the best, most convenient digital experience, companies are now looking to advanced forms of security innovation.
Personalization and Personal Security
Everyone loves an app that responds based on what it knows the visitor will want – a tune-up because your car is due for repairs, a doctor’s office that displays relevant schedule openings to authenticated patients – yet people remain concerned their personal information could be exposed to others. Making a convenient appointment with a doctor isn’t worth risking that an intruder will leak your medical records on Facebook because of an unprotected port between the scheduler app, patient record ID and the medical records datastore.
The consumer’s world is full of untapped benefits from connecting data on their behalf in the form of services, from the Űberfication of local services to the application of expert systems to assist busy doctors with diagnoses. As sophisticated data analysis unleashes deep insights, the resulting wave of data will produce many more avenues for malicious attackers.
Isolating servers and building layers of defense is the most effective approach to security available today. Isolation closes a physical or virtual machine on a private network to all but designated traffic. Intruders cannot probe these connections, nor can they identify the IP address of the isolated server. The network is protected by opening minimal ports, running only necessary services and securing sensitive information in transit. When passing requests from web-facing servers through encrypted tunnels, designate a single point of access for just one type of data connection so the traffic can be carefully monitored for unusual activity.
Securing the Cloud
Web services’ evolving mandate is to be invisible and reliable. We make connections between organizations and their customers transparently and quietly, keeping transactions moving while user data remains secure.
As Forrester Research put it early in the virtualization era, server virtualization is 90 percent process and only 10 percent technology — for companies linking sensitive data to the network, logical and physical isolation remain the primary strategies for enhanced security. With a logically isolated network in place, an enterprise can set up VPNs between the private network and remote data centers or other clouds in order to access information without exposing any traffic to the open Internet.
“Companies are starting to use private and public cloud for their mainstream applications, with business line metering and billing becoming more common,” Forrester research analyst Richard Fichera wrote in August 2014. “Press your vendors to deliver automation driven by simpler policies. Make them do the hard work for you and hide the complexity[.] Automation that requires heavy human involvement is contradictory to the very principles of automation.”
At Acquia, we’ve added Acquia Cloud Shield, a virtual private cloud (VPC) with VPN capabilities built on top of Amazon Web Services to provide cloud-to-cloud protection between the company’s PaaS and client devices. We created this as a response to customers’ need to ensure their Drupal apps have fine-grained control over data access and network resources, and to provide the necessary data when designing user experiences.
VPN and the Future of the Cloud
For security to succeed, it must not be hard for the customer to adopt. Building exceptional security is hard for IT and should be, because securing sensitive data is a basis for customer confidence. For hosting customers, data security is worth more than all the gold that used to sit in Fort Knox. That immense value resides in databases now.
Disclaimer: This article was written by a guest contributor in his/her personal capacity. The opinions expressed in this article are the author’s own and do not necessarily reflect those of CloudWedge.com.