Hybrid cloud adoption: why vendors are making the switch in 2022 and why you should too
Source: Finance Derivative
Aruba Enterprise Marketing Manager, Massimo Bandinelli
Despite the low start-up cost and convenience of public cloud solutions, vendors are now re-evaluating their operations and looking to reap the benefits of hybrid offerings.
In the wake of the global pandemic, Massimo Bandinelli, Aruba Enterprise Marketing Manager, believes that 2022 is the year that businesses need to re-examine their IT infrastructure and move towards newer and better solutions.
Business operations have undergone a massive transformation in recent years as the integration of digital technology has grown immensely across the industry. The World Economic Forum predicts great technological changes for the future, and global boardrooms are no different. The digital revolution doesn’t seem to be slowing down any time soon. In 2022 and beyond, organisations will continue to fuse the lines between physical and digital worlds, as they observe how technology can enhance how we work in today’s post-pandemic world and utilise it to drive productivity and futureproof operations.
Thanks to the shift towards remote working, cloud computing has now become a key component of IT operations for enterprises. It was unsurprising that 96% of US data centre experts reported increased demand for data centre services since the start of the pandemic, according to a recent survey by ABB Power Conversion. This is just the beginning. Business owners are likely to continue to invest in a range of emerging technologies like artificial intelligence, machine learning, automation, big data analytics, 5G and more, driving more data centre demand for many years to come. Without a solid cloud framework, the joining of these innovations would be unsupported and risky.
The move towards modified hybrid solutions is becoming a trend amongst vendors in the industry, since they offer a combination of private and public cloud design. So how can enterprises benefit from switching from a public cloud solution to a more bespoke hybrid offering? Let’s examine this more closely.
Looking towards hybrid cloud options
Whilst public cloud solutions have the appeal of flexibility, ease of use and low capital expenditure, these advantages come at the cost of a greater number of drawbacks. One disadvantage is that companies are forced to make performance and functionality compromises because of the regulations that govern external cloud platforms. As a result, companies may become too dependent on these platforms, making it impossible for them to switch vendors. Additionally, as enterprises scale up their cloud operations over time, the low-cost setup will likely result in high operating costs.
In essence, the hybrid cloud provides a bespoke offering of different technologies, customised to a company’s requirements and objectives. With this solution, a public cloud (cloud) is combined with a physical data centre (private cloud), allowing for the sending and receiving of data and applications between cloud and on-premises data centres. Among the greatest benefits of hybrid cloud computing are security, scalability, cost and compliance. Let’s explore them individually.
Industry leaders have grown accustomed to unexpected events over the past two years. Regardless of how well they meet the needs of their business, demand is always subject to change. To manage this, the hybrid cloud offering gives IT pioneers the flexibility to easily react to unpredictable spikes in demand. For example, public clouds can offer additional capacity in the short term, whilst on-premises data centres can be used to store long-term fixed data. Enterprises can utilise this combination of offerings to optimise the versatility of their cloud framework, whilst keeping access costs to a minimum or exceeding their existing capacity.
Maximised data security
Hybrid cloud allows IT managers much greater control over their data. Private cloud is the ideal model for storing highly sensitive data, whilst public cloud can be used when handling less delicate data. The combination of these two offerings enables companies to lower their operation costs without comprising the protection of their data. The centralised management system of a hybrid solution enables solid technical security measures such as encryption, access control, automation, orchestration, and endpoint protection to be implemented easily, resulting in a safer and more protected data flow.
Compliance is critical
Data regulation is an evolving landscape, and it is expected to become even more complex as cyber security and privacy become more prominent priorities for global leaders and regulators in the coming years.
In determining the right cloud solution for their business, enterprise leaders should focus especially on the issue of data sovereignty. The concept of data sovereignty dictates that digital data should be governed by the laws within the nation it was collected or created. This principle applies not only to EU countries, but also to businesses that gather, store or process data from EU-based organisations. Users of the public cloud model can expect to face a complicated set of compliance rules and regulations, due to the high levels of control that this type of solution demands over data. With companies having to sacrifice a certain degree of management over their data, combined with a lack of transparency from most public cloud vendors, it can often be challenging to locate data and determine how it is stored.
In contrast, hybrid offerings allow complete visibility, as IT leaders are able to maintain their own storage and networking infrastructure whilst storing data in a private cloud. Moreover, adopting a hybrid cloud solution can help organisations to achieve total compliance with regional and industry standards, whilst simultaneously generating evidence that can help report and audit their performance with confidence.
Given the rapid growth in demand over the last few years, it’s unsurprising that data management challenges are expected to rise in 2022 and beyond. As opposed to using public cloud solutions alone, businesses that start to embrace a bespoke hybrid cloud offering will be better equipped to respond to these fluctuating changes in demand whilst still ensuring continuous innovation as well as compliance and protection of consumer data.
Why it’s risky for financial firms to rely on mobile device authentication
Source: Finance Derivative
Niall McConachie, regional director (UK & Ireland) at Yubico
Using mobile phones to sign into online services can offer people a sense of security and convenience. However, when their devices are damaged, lost, or stolen, they can quickly experience why relying on mobile authentication methods is not the best choice when it comes to protecting their online identities.
Despite this, many financial firms and institutions in the UK continue to encourage their customers and employees to use this form of digital authentication when accessing sensitive data. With cyber attacks being the most cited risk to the UK financial system, it is important that leaders understand the increased risks that they take on with continued use of ineffective authentication and poor cyber hygiene practices.
Limitations of mobile devices and passwords
Aside from being easily lost, stolen, or broken, the effectiveness of mobile-based authentication can be limited depending on the user’s location. For example, depending on where the mobile devices are being used, people may not have the reception needed to authenticate into an account. Additionally, they could be locked out of their accounts simply due to the device’s battery running out. However, even without these issues, mobile devices still pose considerable cybersecurity risks.
Indeed, findings from our recent State of Global Enterprise Authentication Survey, show that mobile SMS-based authentication (20 percent), push authenticator apps or mobile one-time passcodes (OTPs) (23 percent), and passwords (23 percent) are believed to be the most secure forms of digital authentication by UK respondents. As financial firms use these methods so often, it is understandable why customers and employees would come to this assumption. However, this is a misconception.
While any form of authentication is better than none, passwords and mobile-based authentication methods – including SMS verification, OTPs, and digital authentication apps – are all vulnerable to many modern cybersecurity threats. These include SIM swapping, phishing, password spraying, man-in-the-middle (MitM) attacks, and ransomware attacks which can all lead to possible data breaches, imposing serious consequences on UK financial organisations.
Improved cyber hygiene practices and training for employees
According to the survey, the primary ways that UK employees signed into their business accounts were with usernames and passwords (53 percent), mobile SMS-based authentication (24 percent), and push authenticator apps or mobile OTPs (19 percent), indicating that UK employees are not choosing the best form of authentication methods. These practices leave their accounts easily compromised by bad actors.
Additionally, it is important to note that no authentication solution can be fully effective in mitigating emerging cyber threats if used alongside poor cyber hygiene practices, which play a significant role in reducing an organisation’s cyber resiliency against external threats.
Overall, it appears that UK organisations are not properly enforcing best-practice cyber training amongst their internal staff. Findings show that only 42 percent of respondents are required to go through frequent cybersecurity training. The report also revealed significant lapses in employees’ cyber-hygiene practices. For instance, over the previous 12 months, UK respondents admitted to using a work-issued device for personal use (49 percent), allowing their work-issued device to be used by someone else (33 percent), not reporting a phishing attempt (31 percent), having an account reset due to lost or forgotten credentials (58 percent), and using a personal device for work (58 percent).
These poor habits should be concerning for finance firms because if an employee uses a personal device for work, bad actors can compromise that device and use it as a point of access to target their employer. As 73 percent of UK respondents claimed to have experienced a cyber attack in their personal lives within the previous 12 months – this and other similar scenarios are highly possible.
Moreso, the combination of weak authentication methods and poor digital habits make organisations especially vulnerable to cyber attacks which can directly target their customers, employees, and third party partners as well. Therefore, better cyber hygiene practices should be enforced on a regular basis to protect organisations fully and effectively from emerging threats.
Benefits of alternative authentication methods
For finance businesses looking for alternative methods, it is important to note that there are some forms of multi-factor authentication (MFA) and two-factor authentication (2FA) that are more robust than others. For example, some require users to authenticate with either a hardware security key or identity credential that is unique to the individual user like a fingerprint. With the help of FIDO protocols – globally recognised standards of public key cryptography techniques to deliver stronger authentication – stronger authentication methods like these provide users with a seamless experience when accessing their digital accounts by removing the need for passwords or mobile devices.
The National Cyber Security Centre (NCSC), recommends hardware-based security keys as a phishing-resistant solution against modern cyber attacks. In addition, a growing number of global companies and UK banks have implemented passwordless authentication. Apple, Barclays, Co-operative Bank, Google, HSBC, Microsoft, NatWest, Twitter, and the US Government are just a few reputable organisations which have opted for passwordless authentication.
Customers and staff should not be solely responsible for adjusting their own cybersecurity practices. It is also up to organisations to enhance their digital security by implementing phishing-resistant passwordless solutions. Whether using biometric identifiers or hardware security keys, these solutions are more effective and user-friendly than conventional authentication methods. They also offer robust authentication across multiple devices and accounts, reducing the number of times a user needs to sign in. However, most importantly, implementing business-wide passwordless solutions helps to reinforce an organisation’s security posture and significantly decreases the risk of emerging attacks.
Mobile-based authentication, OTPs, and passwords are some of the most widely used authentication methods but are not the most secure. As the finance sector continues to prioritise passwordless authentication, this will likely change customers’ and employees’ perceptions of what secure authentication truly is. Ultimately, providing users with the most secure authentication possible should be a top priority. With it, financial firms can experience the long-term benefits of improved data security, better user experience, and considerable ROI.
982/750 word minimum
Unlocking the Power of Data: Revolutionising Business Success in the Financial Services Sector
Source: Finance Derivative
Suki Dhuphar, Head of EMEA, Tamr
The financial services (FS) sector operates within an immensely data-abundant landscape. But it’s well-known that many organisations in the sector struggle to make data-driven decisions because they lack access to the right data to make decisions at the right time.
As the sector strives for a data-driven approach, companies focus on democratising data, granting non-technical users the ability to work with and leverage data for informed decision-making. However, dirty data, riddled with errors and inconsistencies, can lead to flawed analytics and decision-making. Siloed data across departments like Marketing, Sales, Operations, or R&D exacerbates this issue. Breaking down these barriers is essential for effective data democratisation and achieving accurate insights for decision-making.
An antidote to dirty, disconnected data
Overcoming the challenges presented by dirty, disconnected data is not a new problem. But, there are new solutions – such as shifting strategies to focus on data products – which are proven to deliver great results. But, what is a data product?
Data products are high-quality, accessible datasets that organisations use to solve business challenges. Data products are comprehensive, clean, and continuously updated. They make data tangible to serve specific purposes defined by consumers and provide value because they are easy to find and use. For example, an investment firm can benefit from data products to gain insights into market trends and attract more capital. These offer a scalable solution for connecting alternative data sources, providing accurate and continuously updated views of portfolio companies. Using machine learning (ML) based technology enables the data product to adapt to new data sources, giving a firm’s partners confidence in their investment decisions.
But, before companies can reap the benefits of data products, the development of a robust data product strategy is a must.
Where to begin?
Prior to embarking on a data product strategy, it is imperative to establish clear-cut objectives that align with your organisation’s overarching business goals. Taking an incremental approach enables you to make a real impact against a specific objective – such as streamlining operations to enhance cost efficiency or reshaping business portfolios to drive growth – by starting with a more manageable goal and then building upon it as the use case is proved. For companies that find themselves uncertain about where to begin their move to data products, tackling your customer data is a good place to start for some quick wins to increase the success of the customer experience programmes.
Getting a good grasp on data
Once an objective is in place, it’s time for an organisation to assess its capabilities for executing the data product strategy. To do this, you need to dig into the nitty-gritty details like where the data is, how accurate and complete it is, how often it gets updated, and how well it’s integrated across different departments. This will give a solid grasp of the actual quality of the data and help allocate resources more efficiently. At this stage, you should also think about which stakeholders from across the business from leadership to IT will need to be involved in the process and how.
Once that’s covered, you can start putting together a skilled team and assigning responsibilities to kick-off the creation and management of a comprehensive data platform that spans all relevant departments. This process also helps spot any gaps early on, so you can focus on targeted initiatives.
Identifying the problem you will solve
Now let’s move on to the next step in our data product strategy. Here we need to identify a specific problem or challenge that is commonly faced in your organisation. It’s likely that leaders in different departments, like R&D or procurement, encounter obstacles that hinder their objectives that could be overcome with better insight and information. By defining a clear use case, you will build a real solution to a challenge they are facing rather than a data product for the sake of having data. This will be an impactful case study for your entire organisation to understand the potential benefits of data products and increase appetite for future projects.
Getting buy-in from the business
Once you have identified the problem you want to solve, you need to secure the funding, support, and resources to move the project ahead. To do that, you must present a practical roadmap that shows how you will quickly deliver value. You should also showcase how to improve it over time once the initial use case is proven.
The plan should map how you will measure success effectively with specific indicators (such as KPIs) that are closely tied to business goals. These indicators will give you a benchmark of what success looks like so you can clearly show when you’ve delivered it.
Getting the most out of your data product
Once you’ve got the green light – and the funds – it’s time to put your plan into action by creating a basic version of your data product, also known as a minimum viable data product (MVDP). By starting small and gradually enhancing with each new release you are putting yourself in the best stead to encourage adoption and also (coming back to our iterative approach) help you secure more resources and funding down the line.
To make the most of your data product, it’s essential to tap into the knowledge and experience of business partners as they know how to make the most of the data product and integrate it into existing workflows. Additionally, collecting feedback and using it to improve future releases will bring even more value to end users in the business and, in turn, your customers.
Unlocking the power of data (products)
It’s crucial for companies in FS to make the most of the huge amount of data they have at their disposal. It simply doesn’t make sense to leave this data tapped and not use it to solve real challenges for end users in the business and, in turn, improve the customer experience! By adopting effective strategies for data products, FS organisations can start to maximise the incredible value of their data.
HOW SMALL BUSINESSES CAN FIGHT BACK AGAINST POOR PAYMENT PRACTICES
Source: Finance Derivative
SMEs across the UK are facing a challenging economic environment and late payments pose a severe challenge to maintaining cash flow. Here, Andrea Dunlop, managing director at Access PaySuite, explores the challenges facing small and medium sized businesses, the risks that late payments carry, and what can be done to secure timely payments, in full.
It’s estimated that UK businesses are currently owed more than £23.4bn in outstanding invoices. For all businesses, managing the outward flow of products and services with a steady incoming cash flow is a fine balance – with unexpected disruptions and complications capable of causing catastrophic problems.
Late and delayed payments have been identified as a significant challenge for SMEs – an issue that has scaled over recent years. In fact, in its latest report, the Federation for Small Businesses (FSB) stated that the UK is “almost unique in being a place where it is acceptable to pay small businesses late”.
The FSB also states that this “will remain the case without further action” and, as such, has called for government action to put a stop to these damaging trends.
Small businesses form a vital part of the economic ecosystem – in 2022, it was estimated that 99% of UK businesses were SMEs – so poor payment systems not only present a very real threat for individual businesses, but for the UK economy as a whole.
Despite this strong case for urgent action to be taken, changes to legislation can be a slow process and, in the face of ongoing economic pressure, small businesses need more immediate solutions.
Although businesses are at the liberty of their customers and clients, there are a number of actionable steps SMEs can take to increase the rate of prompt and complete payments.
The impact of late payments for SMEs
Published in Q4 2022, research published by the ICAEW demonstrates that around half of invoices issued by small businesses are paid late.
More often than not, small businesses operate within a chain of regular suppliers and customers. These chains can include multiple business links, stretching across sectors and regions. As a heavily interwoven ecosystem, if one ‘link’ in the chain is damaged by late payments and unreliable cash flow, the delays can quickly escalate and create a domino effect of complications across the whole system.
With a lack of consistent income, SMEs are more likely to be prevented from paying their overheads and suppliers on time.
As late payments add up and push multiple businesses into a negative cash flow, the problem can continue to snowball.
Simply put, extended periods of unreliable and heavily reduced payments put whole supply chains of companies in very dangerous financial positions – especially as running costs remain high.
Combined, the complexities arising from late payments and the vast scale of the issue, demonstrates a clear need for systemic change.
Current government action
At the end of January, the government published a review of the reporting of payment practices first introduced in 2017 .
This review stated that the government is committed to “stamp[ing] out the worst kind of poor payment practices within the business community”.
The 2017 Payment Practices and Performance Regulations require all large UK companies to report publicly on their payment policies, practices and performance, to ensure accountability.
Following its review, a new consultation has been launched, seeking the opinion of business owners on current regulations – asking whether this existing policy should extend beyond its current expiry date, 6 April 2024. This consultation is part of a wider examination of payments in the UK.
Delving into issues including the emotional and psychological impact of late payments on small business owners – as well as analysing how banks and technology can help – the government’s review is a welcome development, but SMEs need to take more immediate action to strengthen their payment processes.
What can SMEs do?
With the government consultation finalising at the end of April, the future of the payment landscape in the UK will soon be made clearer – but what actions can SMEs take to immediately strengthen their payment processes?
For many SMEs, payment systems are low down the list of priorities, and the fear of disruption or additional costs can lead many to turning a blind eye to problems with their existing systems. But, with challenges around cash flow increasing, investing in a flexible and comprehensive payment system could be an incredibly worthwhile investment.
Issuing regular invoices takes a lot of time, and when working across different clients with different payment frequencies invoicing can lead to unnecessary complexities.
Instead, systems that enable customers to set up direct debits ensure payments are completed on a set date, reduce additional paperwork and still allow bespoke schedules for each client or customer to be arranged.
In many SMEs, missed payments can easily get lost in piles of paperwork and human-error can result in problems down the line. When using digital payment systems, should a missed payment occur, automated capabilities ensure the issue is flagged, and any outstanding challenges can be resolved in a timely manner.
With payments and invoicing automatically managed in a centralised database, countless hours that would otherwise be spent on repetitive and laborious administrative work are saved.
As well as reducing the amount of staff time spent managing processes and tracking financial activity, a reliable payment system delivers benefits for customers too, and contributes towards greater service and boosting brand loyalty.
In the coming weeks and months, new government guidance should clarify legislative expectations for businesses regarding payments. But, with smart investment in specialist software solutions, our country’s vital SMEs can take the necessary safeguarding steps to boost payment security and thrive through this tough financial time.