[Column] David Bunei: Stay ahead of those data security woes
The very factors that have helped to make Kenya such a motivated and major African player in the Digital Age have also made local organisations in the public and private sector vulnerable to security threats and compliance issues. The good news is that, next-generation cloud infrastructure and applications are mitigating these concerns with their autonomous capabilities, ensuring a higher level of security than ever before.
In 2018, Kenya’s economy lost Sh29.5 billion to cybercrime and related activities, up 40% from the previous year. The Communication Authority of Kenya also reported that in Q4 2018, the number of cybersecurity threats in the country jumped 167% to 10.2 million from 3.8 million in Q3.
Faced with such intimidating figures, many enterprises – especially those in high-risk sectors such as Government and Banking – are investing heavily in cybersecurity measures or carefully exploring digital transformation, the very process that will help them to operate more efficiently and cost-effectively.
At Oracle, we have been integrating security into our solutions and protecting our customers’ sensitive data for decades. Oracle solutions have multi-layered security built-in and integrated, whether talking about Oracle Cloud Infrastructure, Autonomous Database, SaaS applications as well as our traditional on-premises infrastructure and applications. Of course, with more customers moving to cloud, we have intensified our focus on security, taking advantage of developments in AI, and related machine learning, to protect customers’ sensitive data and ease their security burden.
Last year at Oracle’s annual OpenWorld conference in San Francisco, attendees were able to learn more about the role Oracle’s Generation 2 cloud has in underpinning a wide variety of new cloud services such as Oracle’s Autonomous Database. Autonomous functionality is very important to cybersecurity as a large percentage of system breaches are the result of not being able to respond to events, self-patch or self-tune to mitigate against compromises or outages. Secure by design – in fact, having security architected into every layer– Oracle Generation 2 Cloud is designed to configure, manage and secure systems for the customer, based on their requirements. Human error is removed because processes are no longer manual, and patches are applied automatically in the background while running to avoid downtime. The same applies to data encryption, backup and a general enforcement of security policies.
As an example, Oracle Data Safe was just one of several next-generation cloud security services introduced at OpenWorld this year. Data Safe helps organisations protect their databases more effectively in a way consistent with best practices. Data Safe can identify sensitive data and mask it for use in partner or development environments. It also alerts on risky users and system configurations, and proactively monitors database activity to spotlight and respond to suspicious access attempts. After all, data is at risk from both external threats and those – whether accidental or deliberate – within organisations.
Such cloud-embedded simplification of security tasks for businesses is particularly relevant in Kenya, where there were only 1,700 skilled cybersecurity professionals in the country in 2018. Generation 2 Cloud security measures help to fill a noticeable gap and keep organisations safe.
The narrative around cloud and cybersecurity is also changing worldwide. Security in the cloud is now being recognised as secure, or more secure, than what can be achieved on-premise by 72% of those surveyed in the Oracle and KPMG Cloud Threat Report 2019. Security is now named as the biggest benefit to cloud by 66% of C-level executives, putting it ahead of both cost and scalability.
Data security is also closely linked to compliance in terms of handling personal information. Oracle’s second-generation cloud security solutions are designed to keep sensitive data safe and out of sight on Oracle cloud databases thanks to automatic encryption, advanced access controls, always-on separation of duty, data masking and redaction. It’s one of the reasons, Rakuten Securities, Japan’s largest online financial brokerage company, chose Oracle Database Security to address their strict regulatory requirements, while efficiently managing social security and tax ID numbers for 2 million customer accounts across a complex network of disparate systems.
With financial losses, fines and reputations at stake, it is critical for companies to ensure the security of their data and resiliency of their systems in the face of continually evolving threats and regulations. With Generation 2 Cloud, the burden shifts from enterprises to Oracle, and with Oracle’s embedded AI doing most of the work, customers have the chance to really innovate instead of expending so much time and manpower on patches and staying up to date with defensive measures. Cloud services are a viable option for the most critical enterprise workloads. Fears around data security should never hold an organisation back from exploring this path to greater, immediate business value.