Hello again. In a previous posting I raised the flag in favour of SaaS for finance industry and more specifically Family Offices. I also expressed the sentiment that cloud security is the main concern. The fight against hackers and other malevolent parties who are out there to steal your data goes on and it has now become a fact of life for datacentre providers and software editors.
In this post I will give an update on some current events and trends in Cloud Computing from a general as well as a financial systems perspective. I will also make some brief reference to how cloud systems are protected.
Three recent internet vulnerabilities, Shellshock, Heartbleed and – the somewhat more amusingly named - Poodle, have been characteristically associated with legacy systems or generic bugs, rather than arising from specific platform weaknesses. Microsoft has also fixed two “zero days” vulnerabilities which had apparently been around for quite some time and used by hackers in different ways.
Meanwhile efforts are increased to improve encryption technologies in diverse areas even mobile phones and chat platforms. Amazon in an attempt to entice European business users is now opening data centres in Germany and promises enhanced data encryption. In a major move towards cloud computing, KPMG has recently announced that it is entering into the business of providing cloud based accountancy services.
Despite unavoidable financial hit to their revenues, SAP and IBM are pushing forward with their cloud offers and working hard to push their customers in that direction. The drive for cloud computing remains unabated.
Ultimately there are two ways that your security can be breached on the internet:
Hackers breach firewalls and login authentication processes to access either the client systems or the server side
Hackers interpose themselves in the data communication between the two sides and steal data
Both areas must of course be addressed by CTOs, but inevitably data will always need to be communicated between the parties in any business scenario. Encryption is therefore vital in order to ensure that information is read only by the people for whom it is meant. In recent years there have been great advances in encryption technologies, to the extent that even governments have raised concerns whether information can become virtually inaccessible by them as a result of the use of such technologies.
Any cloud system worth its money needs to provide such sophisticated technology, but also to ensure that cloud servers are updated regularly to block new threats.
We at Elysys have designed our ERP financial management SaaS on proven secure Microsoft platforms and cloud enabled software that are monitored and continually updated for newly discovered vulnerabilities. We believe that mid-market financial entities such as family offices must consider the cloud as an alternative.
Tony is a member of the Institute of Chartered Accountants in England and Wales and has worked for many years both in accounting practice as well as in the finance industry. He has a long track record in the application of financial and other software both as an end user as well as a provider of software and services to third parties.